
Show HN: enveil – hide your .env secrets from prAIng eyes

https://github.com/GreatScott/enveil
13•parkaboy•1h ago

Comments

umairnadeem123•1h ago
this solves a real problem. i run coding agents that have access to my workspace and the .env files are always the scariest part. even with .gitignore, the agent can still read them and potentially include secrets in context that gets sent to an API.

the approach of encrypting at rest and only decrypting into environment variables at runtime means the agent never sees the raw secrets even if it reads every file in the project. much better than the current best practice of just hoping your .gitignore is correct and your AI tool respects it.

one suggestion: it would be useful to have a "dry run" mode that shows which env vars would be set without actually setting them. helps verify the config is correct before you realize three services are broken because of a typo in the key name.

anshumankmr•52m ago
What about something like HashiCorp secrets? We have the HashiCorp secrets in launch.json and load the values when the process is initialized (yeah it is still not great)

hjkl_hacker•25m ago
This doesn’t really fix that it can echo the secrets and read the logs. `enveil run -- printenv`

Datagenerator•16m ago
Not the author, but no, the decryption would ask for the secret again? The readme mentions it's wiped from memory after use.

Datagenerator•23m ago
Looks good. Almost stopped reading due to the npm example, grasped it was just a use case, kept reading.

Kernel keyring support would be the next step?

PASS=$(keyctl print $(keyctl search @s user enveil_key))

hardsnow•18m ago
An alternative, and more robust, approach is to give the agent surrogate credentials and replace them on the way out in a proxy. If the proxy runs in an environment to which the agent has no access, the real secrets are not available to it directly; it can only make requests to scoped hosts with those.

I’ve built this in Airut and so far seems to handle all the common cases (GitHub, Anthropic / Google API keys, and even AWS, which requires slightly more work due to the request signing approach). Described in more detail here: https://github.com/airutorg/airut/blob/main/doc/network-sand...
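
Added example, not part of the thread and not Airut's code: a minimal sketch of the surrogate-credential swap described in the comment above, for bearer-style headers only (request-signing schemes such as AWS need more than a string swap, as the comment notes). The vault layout, function names, hosts and token values are all constructed for illustration.

```python
# Illustrative sketch only; every name and value here is constructed.
from urllib.parse import urlsplit

# Lives only in the proxy process, outside the agent's sandbox.
# surrogate token -> (real secret, hosts the real secret may be sent to)
VAULT = {
    "sk-surrogate-openai-0001": ("sk-REAL-constructed-openai", {"api.openai.com"}),
    "ghp_surrogate_0002": ("ghp_REAL_constructed_github", {"api.github.com"}),
}


class Blocked(Exception):
    """Raised when a request must not leave the proxy."""


def rewrite_outbound(url, headers):
    """Return the headers to forward upstream, with surrogates swapped for real secrets.

    A surrogate is only swapped when the request goes over HTTPS to a host in
    that credential's scope; otherwise the whole request is refused, so a
    surrogate sent to the wrong place never turns into a real secret.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    forwarded = {}
    for name, value in headers.items():
        for surrogate, (real, hosts) in VAULT.items():
            if surrogate not in value:
                continue
            if parts.scheme != "https" or host not in hosts:
                raise Blocked(f"{name}: credential not scoped to {parts.scheme}://{host}")
            value = value.replace(surrogate, real)
        forwarded[name] = value
    return forwarded


def scrub_inbound(text):
    """Swap any real secret echoed back by upstream for its surrogate before the agent sees it."""
    for surrogate, (real, _hosts) in VAULT.items():
        text = text.replace(real, surrogate)
    return text
```

Because the agent only ever holds the surrogate, printing its environment or grepping its logs yields a token that is useless outside the proxy's scoped hosts.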

SteveVeilStream•14m ago
Sometimes I need to give Claude Code access to a secret to do something. (e.g. Use the OpenAI API to generate an image to use in the application.) Obviously I rotate those often. But what is interesting is what happens if I forget to provide it the secret. It will just grep the logs and try to find a working secret from other projects/past sessions (at least in --dangerously-skip-permissions mode.)

l332mn•9m ago
I use bubblewrap to sandbox the agent to my projects folder, where the AI gets free read/write rein. Non-synthetic env vars are symlinked into my projects folder from outside that folder.

pedropaulovc•1m ago
1Password has this feature in beta. [1]

[1]: https://developer.1password.com/docs/environments/
