Can this skill help with automated secret rotation?

Absolutely. It provides specific implementation patterns for automated rotation using AWS Lambda and manual rotation processes to ensure credentials are changed regularly.

Does this skill help prevent secrets from being committed to Git?

Yes, it includes guidance on setting up pre-commit hooks and CI/CD scanning tools like TruffleHog to detect and block sensitive data exposure before it reaches your repository.

What are the recommended best practices included?

The skill enforces industry standards such as never committing secrets to Git, using environment-specific secrets, implementing least-privilege access, and masking secrets in logs.

How does it handle secrets in Kubernetes?

It provides configuration patterns for the External Secrets Operator, allowing you to securely synchronize secrets from external providers directly into Kubernetes Secret objects.

Which cloud providers are supported by this skill?

The skill covers all major providers including AWS Secrets Manager, Azure Key Vault, and Google Secret Manager, as well as platform-agnostic solutions like HashiCorp Vault.

Secure Secrets Management

Name: Secure Secrets Management
Author: Microck

byMicrock

•

110

セキュリティとテスト

Implements robust secrets management and credential protection across CI/CD pipelines and cloud environments.

概要

This skill provides a comprehensive framework for securing sensitive data throughout the software development lifecycle. It guides Claude in configuring and integrating centralized secrets engines like HashiCorp Vault, AWS Secrets Manager, and Azure Key Vault into modern workflows including GitHub Actions, GitLab CI, and Kubernetes. By emphasizing automated secret rotation, proactive secret scanning with tools like TruffleHog, and the enforcement of least-privilege access, it ensures that API keys, database credentials, and TLS certificates remain protected and are never exposed in source code or build logs.

主な機能

Secure CI/CD configuration patterns for GitHub Actions and GitLab
Automated and manual secret rotation implementation guides
Secret scanning and prevention using pre-commit hooks and CI/CD steps
Multi-provider integration with Vault, AWS, Azure, and Google Secret Manager
110 GitHub stars
Kubernetes integration via External Secrets Operator

ユースケース

Automating database password rotation for production cloud environments
Hardening CI/CD pipelines to prevent accidental credential leakage in logs
Migrating hardcoded environment variables to centralized, encrypted secret stores

概要

主な機能

Secure CI/CD configuration patterns for GitHub Actions and GitLab
Automated and manual secret rotation implementation guides
Secret scanning and prevention using pre-commit hooks and CI/CD steps
Multi-provider integration with Vault, AWS, Azure, and Google Secret Manager
110 GitHub stars
Kubernetes integration via External Secrets Operator

ユースケース

Automating database password rotation for production cloud environments
Hardening CI/CD pipelines to prevent accidental credential leakage in logs
Migrating hardcoded environment variables to centralized, encrypted secret stores