← Back to Skills Marketplace

Keys

Name: Keys
Author: ivangdavila

by Iván · GitHub ↗ · v1.0.0

linuxdarwin ✓ Security Clean

968

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install keys

Description

Secure API key management with broker. Keys never exposed to agent context.

README (SKILL.md)

Usage

Make authenticated API calls without seeing the key:

keys-broker call '{"action":"call","service":"openai","url":"https://api.openai.com/v1/chat/completions","method":"POST","body":{"model":"gpt-4","messages":[{"role":"user","content":"Hello"}]}}'

Response:

{"ok": true, "status": 200, "body": {...}}

Supported Services

Only preconfigured services work (security: prevents key exfiltration):

openai → api.openai.com
anthropic → api.anthropic.com
stripe → api.stripe.com
github → api.github.com

To add services, edit ALLOWED_URLS in keys-broker.sh.

Rules

Never retrieve keys directly — always use keys-broker call
Never ask user to paste keys in chat — guide them to keychain commands

Other Tasks

First time setup → see setup.md (install keys-broker.sh)
Add/remove/rotate keys → see manage.md

Limitations

Does NOT work in: Docker containers, WSL, headless Linux servers (no keychain access).

Usage Guidance

This skill appears to implement a local key broker correctly and does not include hidden network endpoints or downloads. Before installing, verify the script file yourself (it is included) and only install from a source you trust. Important cautions: (1) any API key you store gives the agent the power to act as you (e.g., charge via Stripe, push to GitHub) — use least-privilege tokens and rotate them if possible; (2) do not add untrusted services to ALLOWED_URLS (editing the allowlist is how exfiltration could be enabled); (3) only use on supported desktop systems with a locked keyring (macOS Keychain or GNOME/KDE keyring) as documented; (4) ensure ~/.local/bin/keys-broker is installed with correct ownership/permissions and inspect temporary files/cleanup policy if you have high-security requirements. If you want higher assurance, run the broker under a dedicated account or use tokens scoped to minimal privileges.

Capability Analysis

Type: OpenClaw Skill Name: keys Version: 1.0.0 The OpenClaw AgentSkills bundle 'keys' is designed for secure API key management, explicitly preventing key exposure to the agent. The `keys-broker.sh` script implements robust security measures including strict URL allowlisting, input validation, secure key retrieval from OS keychains, and preventing API keys from appearing in process lists by using temporary files for authentication headers. The `SKILL.md` and `manage.md` files contain explicit instructions for the AI agent to 'Never retrieve keys directly' and 'Never ask user to paste keys in chat', acting as strong prompt-injection defenses. There is no evidence of malicious intent, data exfiltration, unauthorized execution, or persistence mechanisms; instead, the design prioritizes security and key protection.

Capability Assessment

✓ Purpose & Capability

Name/description (key broker) matches what is included: a shell script that reads keys from the OS keychain (macOS 'security', Linux 'secret-tool') and issues HTTPS requests to pre-allowed service domains. Required binaries (curl, jq, bash) are appropriate.

✓ Instruction Scope

SKILL.md and associated docs instruct the agent to call the broker for API calls and to manage keys via local keyring tools. The runtime instructions do not ask the agent to read unrelated files, environment variables, or send data to unexpected endpoints. The script itself performs limited checks (reads /proc/* for environment detection) which are reasonable for determining supportability.

✓ Install Mechanism

No remote download/install is performed by the skill; installation is a local copy (docs show cp to ~/.local/bin). No external archives or third-party packages are fetched by the skill.

✓ Credentials

No environment variables or external credentials are requested. Keys are retrieved from the OS keychain/keyring only. The number and type of system accesses (security/secret-tool, DBUS check) are proportional to the stated goal.

✓ Persistence & Privilege

Skill is not always:true and does not modify other skills or system-wide agent settings. It runs as an on-demand local binary that accesses only the user's keychain; autonomous invocation is allowed by default but that is expected behavior for skills.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install keys
After installation, invoke the skill by name or use /keys
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release

Metadata

Slug keys

Version 1.0.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Keys?

Secure API key management with broker. Keys never exposed to agent context. It is an AI Agent Skill for Claude Code / OpenClaw, with 968 downloads so far.

How do I install Keys?

Run "/install keys" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Keys free?

Yes, Keys is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Keys support?

Keys is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin).

Who created Keys?

It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.

More Skills