Harness-engineering harness-secrets
name: harness-secrets
install
source · Clone the upstream repo
git clone https://github.com/Intense-Visions/harness-engineering
manifest:
agents/skills/claude-code/harness-secrets/skill.yamlsource content
name: harness-secrets version: "1.0.0" description: Vault integration, credential rotation, and environment variable hygiene stability: static cognitive_mode: meticulous-verifier tier: 3 internal: false keywords:
- secrets
- vault
- credentials
- env
- environment variables
- rotation
- HashiCorp
- AWS Secrets Manager
- dotenv
- encryption
- API keys stack_signals:
- ".env*"
- "vault.hcl"
- "src//secrets/"
- "src//config/"
- ".sops.yaml"
- "secrets/"
- "credentials/" triggers:
- manual
- on_pr
- on_commit platforms:
- claude-code
- gemini-cli
- cursor
- codex tools:
- Bash
- Read
- Glob
- Grep
- emit_interaction
cli:
command: harness skill run harness-secrets
args:
- name: path description: Project root path required: false
- name: changed-only description: Only scan git-changed files type: boolean required: false
- name: fix description: Auto-remediate by extracting secrets to env vars type: boolean required: false mcp: tool: run_skill input: skill: harness-secrets path: string type: rigid phases:
- name: scan description: Detect secrets, credentials, and sensitive values in source code required: true
- name: classify description: Categorize findings by severity and secret type required: true
- name: remediate description: Recommend or apply secret extraction and rotation strategies required: true
- name: validate description: Verify secrets are properly externalized and gitignored required: true state: persistent: false files: [] depends_on: []