← Back to Skills Marketplace
Secure Workspace
by
asistentegordito
· GitHub ↗
· v1.0.1
· MIT-0
38
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install secure-workspace
Description
Cifra API keys, tokens y contraseñas con age para proteger secrets del workspace.
README (SKILL.md)
Secure Workspace
Cifra secrets con age para protegerlos en repositorios y backups.
Uso
# 1. Generar par de llaves (si no existe)
bash scripts/secure/setup.sh
# 2. Cifrar un secreto
echo 'export API_KEY="..."' | bash scripts/secure/encrypt.sh scripts/secure/secrets.env.age
# 3. Descifrar al vuelo
source \x3C(bash scripts/secure/decrypt.sh scripts/secure/secrets.env.age)
Archivos
| Archivo | Función |
|---|---|
scripts/secure/encrypt.sh |
Cifra stdin → .age |
scripts/secure/decrypt.sh |
Descifra .age → stdout |
scripts/secure/setup.sh |
Genera par de llaves |
Requisitos
age(apt install age / brew install age)
Nota
La clave privada está en /root/.age/key.txt. No se sube al repo.
Usage Guidance
Install only if you want a simple local age-based workflow for workspace secrets. Run setup first, verify which key path the helpers use, protect the private key carefully, and avoid sourcing decrypted secrets in shared shells, logs, CI steps, or sessions that will run untrusted commands.
Capability Tags
Capability Assessment
Purpose & Capability
The skill purpose is to protect API keys, tokens, and passwords with age; the artifacts only document and provide setup, encrypt, and decrypt shell helpers for that workflow.
Instruction Scope
The documented `source <(...)` usage intentionally loads decrypted secrets into the current shell environment, which is purpose-aligned but leaves secrets available to later shell commands until cleared.
Install Mechanism
The setup script creates `$HOME/.age/key.txt`, sets the directory to 700, and rewrites the helper scripts to use the home-directory key; this is disclosed behavior, though mutating shipped helper scripts is worth noticing.
Credentials
The packaged helpers initially hard-code `/root/.age/key.txt`, while setup rewrites them to `$HOME/.age/key.txt`; this is a portability and scoping caution, not evidence of hidden or unrelated behavior.
Persistence & Privilege
The skill persists a local age private key for future decryptions, which is expected for the stated purpose; no background process, privilege escalation, destructive action, or exfiltration path was found.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install secure-workspace - After installation, invoke the skill by name or use
/secure-workspace - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Fix: standalone skill directory, only ships SKILL.md + encrypt/decrypt/setup scripts. Removed 102 unnecessary workspace files that triggered ClawScan false positive.
Metadata
Frequently Asked Questions
What is Secure Workspace?
Cifra API keys, tokens y contraseñas con age para proteger secrets del workspace. It is an AI Agent Skill for Claude Code / OpenClaw, with 38 downloads so far.
How do I install Secure Workspace?
Run "/install secure-workspace" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Secure Workspace free?
Yes, Secure Workspace is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Secure Workspace support?
Secure Workspace is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Secure Workspace?
It is built and maintained by asistentegordito (@asistentegordito); the current version is v1.0.1.
More Skills