{"id":51577198,"url":"https://github.com/royashbrook/hush","last_synced_at":"2026-07-11T01:32:07.170Z","repository":{"id":365760839,"uuid":"1273354626","full_name":"royashbrook/hush","owner":"royashbrook","description":"a secret store for AI agents with one rule: the agent never sees the plaintext. get a secret once into the OS keychain, then inject it into commands forever. no get, cross-platform, MIT.","archived":false,"fork":false,"pushed_at":"2026-06-29T03:32:10.000Z","size":114,"stargazers_count":6,"open_issues_count":4,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-29T05:17:14.571Z","etag":null,"topics":["agent-skills","ai-agents","claude-code","cli","credentials","developer-tools","keychain","royashbrook-tool","secrets","secrets-management","security"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/royashbrook.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-06-18T12:48:40.000Z","updated_at":"2026-06-29T03:32:13.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/royashbrook/hush","commit_stats":null,"previous_names":["royashbrook/hush"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/royashbrook/hush","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/royashbrook%2Fhush","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/royashbrook%2Fhush/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/royashbrook%2Fhush/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/royashbrook%2Fhush/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/royashbrook","download_url":"https://codeload.github.com/royashbrook/hush/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/royashbrook%2Fhush/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35348376,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-10T02:00:06.465Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-skills","ai-agents","claude-code","cli","credentials","developer-tools","keychain","royashbrook-tool","secrets","secrets-management","security"],"created_at":"2026-07-11T01:32:06.958Z","updated_at":"2026-07-11T01:32:07.135Z","avatar_url":"https://github.com/royashbrook.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets/logo-dark.svg\"\u003e\n    \u003cimg src=\"assets/logo.svg\" width=\"180\" alt=\"hush\"\u003e\n  \u003c/picture\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cem\u003ea secret store for AI agents, the one with no \u003ccode\u003eget\u003c/code\u003e.\u003c/em\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/royashbrook/hush/actions/workflows/ci.yml\"\u003e\u003cimg src=\"https://github.com/royashbrook/hush/actions/workflows/ci.yml/badge.svg\" alt=\"CI\"\u003e\u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/badge/license-MIT-1f3a34?style=flat-square\" alt=\"MIT\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/runs%20on-mac%20%C2%B7%20linux%20%C2%B7%20windows-1f3a34?style=flat-square\" alt=\"cross-platform\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/get-none-1f3a34?style=flat-square\" alt=\"no get\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cstrong\u003eget a secret once into the OS keychain, then inject it into commands forever, the value never hits stdout, the transcript, or the cloud.\u003c/strong\u003e\u003c/p\u003e\n\n---\n\nA secret store for AI agents, with one hard rule: **the agent never sees the plaintext.**\n\nValues never reach stdout, so they never land in the tool result, the transcript, or the cloud. A\nsecret only ever moves from the store straight into the consumer. There's no `get` on purpose, a\nplain getter is the leak.\n\nThe point: you (an agent) are running as the user with their CLIs already authed, so you can already\nset a server-side secret or call a service, you just can't *see* the value without it landing in the\nchat. hush gets it once into the OS keychain, then you inject it into those commands forever. No\nchat paste, no temp files, no `.env` to commit by accident.\n\n## agents: start here\n\n**If you were handed this repo's url, install yourself, then follow the playbook.** Get the `hush`\nscript onto the box and read [`SKILL.md`](SKILL.md), that's the whole onboarding (it covers store /\nmint / inject and how to adopt hush in the repo you're working in). The script is one self-contained\nbash file; put it wherever your agent loads tools or just on your `PATH`:\n\n```sh\ngit clone https://github.com/royashbrook/hush\nchmod +x hush/hush\n# then put hush/hush on your PATH, or move it into your agent's skills/tools dir\n```\n\nor run it straight from npm without cloning: `npx @royashbrook/hush \u003ccmd\u003e` (mac/linux; on windows use the\nclone, the orchestrator is bash).\n\nClaude Code convenience (auto-loads as a skill): clone straight into the skills dir instead, whole\nsession `git clone https://github.com/royashbrook/hush ~/.claude/skills/hush`, or one project\n`./.claude/skills/hush`. Other agents: see [AGENTS.md](AGENTS.md).\n\nThat's it, the human points you here and says \"use the hush skill,\" and you take it from here. The\none thing only a human can do is paste a secret they hold: when you hit that, run `hush set \u003cname\u003e`\nand a hidden dialog pops on *their* screen (you never see the value).\n\n## install (humans)\n\nSame clone as above, or just grab the single `hush` script and put it on your PATH.\n\nBackends: macOS Keychain, Linux libsecret (`secret-tool`), and Windows DPAPI (via PowerShell) are\nbuilt in. On other platforms keep the same contract with your OS secret store (see [SKILL.md](SKILL.md)).\nCross-OS tested in CI (manual `workflow_dispatch`, all three runners).\n\n## quick start\n\n```sh\nhush set my-vendor-token                      # paste a value you hold (hidden prompt)\nprintf '%s' \"$TOK\" | hush set my-vendor-token # ...or pipe it in (scripts/CI), still off argv\nhush mint app-operator-key                    # generate + store a random one\nhush run TOKEN=my-vendor-token -- some-cmd    # inject into a command, never printed\nhush list                                     # names only, never values\n```\n\nNaming: keep the default `hush` namespace and **prefix names by project** (`blame-cf-token`,\n`lifescored-gemini-key`) so one keychain search for `hush` finds everything. `HUSH_NS` is only for a\ngenuinely separate store, not per-project. Need to fix an existing name? `hush rename \u003cold\u003e \u003cnew\u003e`\nmoves the value internally (never re-asked, never printed). Full docs + the portable contract:\n[SKILL.md](SKILL.md).\n\n## not a vault\n\nAn agent with shell access can read+write this store, so it's not a lock against a hostile process.\nIt's structure that keeps plaintext out of the transcript and makes \"store once, inject everywhere\"\nthe easy path. It's also only as durable as the machine it's on (a local keychain), back the machine\nup, or sync onward into a real secret manager, and don't make hush the only copy of a secret you\ncan't regenerate. MIT licensed.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froyashbrook%2Fhush","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Froyashbrook%2Fhush","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froyashbrook%2Fhush/lists"}