libsecret Skill

When to Use

• Generating cryptographic secrets for APIs
• Creating and signing JWTs
• Managing .env file variables
• Creating deterministic hashes from values

Key Concepts

Secret generation: Cryptographically secure random string generation for API keys and tokens.

JWT creation: HS256-signed JSON Web Tokens for authentication.

Environment management: Read/write .env files programmatically.

Usage Patterns

Pattern 1: Generate secrets

import { generateSecret, generateSecretB64 } from "@copilot-ld/libsecret";

const apiKey = generateSecret(); // hex string
const token = generateSecretB64(); // base64url string

Pattern 2: Manage .env variables

import { getEnvVar, setEnvVar } from "@copilot-ld/libsecret";

await setEnvVar(".env", "API_SECRET", secret);
const value = await getEnvVar(".env", "API_SECRET");

Pattern 3: Create JWT

import { createJwt } from "@copilot-ld/libsecret";

const jwt = createJwt({ userId: "123" }, secret, { expiresIn: "1h" });

Integration

Used during setup scripts and initialization. Called by scripts/env-secrets.js.