OpenCode Skills.
← Catalog

No. 131 · security

Secrets Management

Handle API keys and credentials safely

Version 1.0.0 License MIT Format SKILL.md

Manage secrets: use environment variables, secret managers (Vault, AWS SSM, GCP Secret Manager), rotate credentials, and scan for leaked secrets.

When to use this skill

  • Storing API keys safely
  • Rotating database credentials
  • Scanning for leaked secrets

Core concepts

This skill provides guidance on secrets management best practices, patterns, and common pitfalls. It is designed to be loaded on demand when a relevant task is detected.

Installation

curl -LO https://opencode-skills.example/downloads/security/secrets-management.zip
unzip secrets-management.zip -d ~/.config/opencode/skills/

Restart OpenCode — the skill loads automatically.

When it triggers

  • storing API keys safely
  • rotating database credentials
  • scanning for leaked secrets