Vault & Secrets
The vault is aide.sh's encrypted secret store. Secrets are injected as environment variables at skill execution time.
Import from .env file
$ aide.sh vault import .env
Imported 5 secrets from .env
The .env file uses standard KEY=VALUE format:
NTU_COOL_TOKEN=abc123
[email protected]
SMTP_PASS=hunter2
Set individual secrets
$ aide.sh vault set NTU_COOL_TOKEN=abc123
Set NTU_COOL_TOKEN
$ aide.sh vault set [email protected] SMTP_PASS=hunter2
Set SMTP_USER
Set SMTP_PASS
Check vault status
$ aide.sh vault status
Vault: ~/.aide/vault.db (encrypted, AES-256-GCM)
Secrets: 5 stored
NTU_COOL_TOKEN set 2025-06-01
SMTP_USER set 2025-06-01
SMTP_PASS set 2025-06-01
POP3_USER set 2025-06-01
POP3_PASS set 2025-06-01
Rotate encryption key
$ aide.sh vault rotate
Vault key rotated. All secrets re-encrypted.
Three-tier environment scoping
When a skill runs, environment variables are resolved in this order (highest priority first):
- Per-skill env — variables listed in [skills.NAME] env
- Per-agent env — variables listed in [env] required and optional
- Vault — global secrets available to all agents
If the same key exists at multiple levels, the highest-priority value wins.
# Agentfile.toml
[skills.email]
script = "skills/email.sh"
env = ["SMTP_USER", "SMTP_PASS"] # skill-level: checked first
[env]
required = ["NTU_COOL_TOKEN"] # agent-level: checked second
optional = ["SMTP_USER"] # vault: checked last
Credential leak scanning
aide.sh scans skill output for potential secret leaks:
$ aide.sh exec bot email check
[warn] Potential secret detected in output (SMTP_PASS pattern). Use --allow-leak to suppress.
This is a best-effort check. Always review scripts that handle sensitive data.
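The resolution order and the leak check described above, as an added example that is not aide.sh's own code: SKILL_ENV, AGENT_ENV and VAULT are assumed value sources for the three tiers, the Agentfile structure mirrors the Agentfile.toml shown earlier, and SAMPLE_OUTPUT is constructed.

```python
# Constructed example of the three-tier resolution and the leak check.
# SKILL_ENV, AGENT_ENV and VAULT are assumed value sources for each tier; the
# Agentfile structure mirrors the Agentfile.toml shown on the page.

AGENTFILE = {
    "skills": {"email": {"script": "skills/email.sh", "env": ["SMTP_USER", "SMTP_PASS"]}},
    "env": {"required": ["NTU_COOL_TOKEN"], "optional": ["SMTP_USER"]},
}
SKILL_ENV = {"SMTP_USER": "skill-bot@example.com"}                            # constructed
AGENT_ENV = {"NTU_COOL_TOKEN": "agent-token", "SMTP_USER": "agent@example.com"}
VAULT = {"NTU_COOL_TOKEN": "abc123", "SMTP_USER": "vault@example.com",
         "SMTP_PASS": "hunter2", "POP3_USER": "pop@example.com", "POP3_PASS": "p0p"}


def resolve_env(skill, agentfile=AGENTFILE, skill_env=SKILL_ENV,
                agent_env=AGENT_ENV, vault=VAULT):
    """Return the environment a skill receives: per-skill, then per-agent, then vault."""
    agent_names = agentfile["env"].get("required", []) + agentfile["env"].get("optional", [])
    tiers = [
        (agentfile["skills"][skill].get("env", []), skill_env),  # highest priority
        (agent_names, agent_env),
        (list(vault), vault),                                    # global, lowest priority
    ]
    resolved = {}
    for names, source in tiers:
        for name in names:
            # first tier that defines the key wins; later tiers never overwrite it
            if name not in resolved and name in source:
                resolved[name] = source[name]
    missing = [n for n in agentfile["env"].get("required", []) if n not in resolved]
    if missing:
        raise KeyError(f"required env not set at any tier: {missing}")
    return resolved


def scan_output(output, env, markers=("PASS", "TOKEN", "SECRET", "KEY")):
    """Best-effort leak check: secret-looking names whose value appears verbatim in output."""
    return sorted(name for name, value in env.items()
                  if any(m in name for m in markers) and value and value in output)


SAMPLE_OUTPUT = "email check: auth ok for skill-bot@example.com (pass=hunter2)"  # constructed

if __name__ == "__main__":
    env = resolve_env("email")
    print(env)
    for name in scan_output(SAMPLE_OUTPUT, env):
        print(f"[warn] Potential secret detected in output ({name} pattern).")
```

Only values that appear verbatim are caught, which is why the page calls the check best-effort; an encoded or partial secret passes through unnoticed.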
Security notes
- The vault database is stored at ~/.aide/vault.db
- Encryption uses AES-256-GCM with a key derived from your system keychain
- Secrets are never written to disk in plaintext
- aide.sh vault export is intentionally not supported