secret-portalSpin up a one-time web UI for securely entering secret keys and env vars. Supports guided instructions, single-key mode, and cloudflared tunneling.
Install via ClawdBot CLI:
clawdbot install awlevin/secret-portalSpin up a temporary, one-time-use web UI for securely entering secret keys and environment variables. No secrets ever touch chat history or terminal logs.
# Single key with cloudflared tunnel (recommended)
uv run --with secret-portal secret-portal \
-k API_KEY_NAME \
-f ~/.secrets/target-env-file \
--tunnel cloudflared
# With guided instructions and a link to the key's console
uv run --with secret-portal secret-portal \
-k OPENAI_API_KEY \
-f ~/.env \
-i '<strong>Get your key:</strong><ol><li>Go to platform.openai.com</li><li>Click API Keys</li><li>Create new key</li></ol>' \
-l "https://platform.openai.com/api-keys" \
--link-text "Open OpenAI dashboard →" \
--tunnel cloudflared
# Multi-key mode (no -k flag, user enters key names and values)
uv run --with secret-portal secret-portal \
-f ~/.secrets/keys.env \
--tunnel cloudflared| Flag | Description |
|------|-------------|
| -k, --key | Pre-populate a single key name (user only enters the value) |
| -f, --env-file | Path to save secrets to (default: ~/.env) |
| -i, --instructions | HTML instructions shown above the input field |
| -l, --link | URL button for where to get/create the key |
| --link-text | Label for the link button (default: "Open console →") |
| --tunnel | cloudflared (recommended), ngrok, or none |
| -p, --port | Port to bind to (default: random) |
| --timeout | Seconds before auto-shutdown (default: 300) |
Use --tunnel cloudflared — it's free, requires no account, has no interstitial pages, provides HTTPS, and auto-downloads the binary if missing.
ngrok free tier shows an interstitial warning page that blocks mobile and automated use.
Without a tunnel, the port must be open in your firewall/security group. The CLI will warn you if it detects the port is unreachable.
600 permissions (owner-only)https://github.com/Olafs-World/secret-portal
Generated Mar 1, 2026
New developers can securely input API keys for tools like OpenAI or AWS during onboarding without sharing secrets via chat or email. The portal provides guided instructions and a direct link to the key management console, ensuring compliance and reducing manual errors.
Teams can use the portal to configure environment variables for staging or production servers, allowing remote engineers to enter secrets safely via a web interface. It supports multi-key mode for complex setups and uses cloudflared tunneling for secure access without firewall changes.
Support agents can generate a one-time portal for customers to input sensitive credentials like API keys for integration troubleshooting, without exposing secrets in support tickets. The HTML instructions can guide customers through specific steps, enhancing security and user experience.
Instructors can set up temporary portals for students to enter API keys during coding workshops, ensuring keys are not logged in shared terminals. The single-key mode simplifies the process for beginners, and the auto-shutdown feature prevents lingering access.
Freelancers can securely collect environment variables from clients for project deployments, using the portal with cloudflared tunneling to avoid exposing local ports. This eliminates the need for insecure file transfers and maintains client confidentiality.
Offer a free version with basic features like single-key mode and cloudflared tunneling, while charging for advanced options such as custom branding, audit logs, or integration with enterprise secret managers. Revenue can come from subscriptions targeting small teams and large organizations.
Package the skill as part of a larger security suite for companies needing compliant secret management, with features like SSO integration, role-based access, and automated compliance reporting. Revenue is generated through annual licenses and support contracts.
Sell the skill on platforms like GitHub Marketplace or package managers, with one-time purchases or usage-based pricing for additional features like extended timeout or priority support. Revenue streams include direct sales and affiliate partnerships with cloud service providers.
💬 Integration Tip
Integrate with existing CI/CD pipelines to automate secret injection during deployments, using the portal's env-file output to securely populate environment variables without hardcoding.
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of what changed.
Full desktop computer use for headless Linux servers. Xvfb + XFCE virtual desktop with xdotool automation. 17 actions (click, type, scroll, screenshot, drag,...
Essential Docker commands and workflows for container management, image operations, and debugging.
Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge
Deploy applications and manage projects with complete CLI reference. Commands for deployments, projects, domains, environment variables, and live documentation access.
Monitor topics of interest and proactively alert when important developments occur. Use when user wants automated monitoring of specific subjects (e.g., product releases, price changes, news topics, technology updates). Supports scheduled web searches, AI-powered importance scoring, smart alerts vs weekly digests, and memory-aware contextual summaries.