Vault & Secrets

The vault is aide.sh's encrypted secret store. Secrets are injected as environment variables at skill execution time.

Import from .env file

$ aide.sh vault import .env
Imported 5 secrets from .env

The .env file uses standard KEY=VALUE format:

NTU_COOL_TOKEN=abc123
SMTP_USER=user@example.com
SMTP_PASS=hunter2
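The KEY=VALUE format above is simple, but real .env files also carry blank lines, comments, an `export` prefix, quoted values containing `#` or `=`, and trailing comments. The parser below is an added example written for this page, not aide.sh's importer; it handles those cases and rejects malformed or duplicated entries instead of silently importing something different from what you intended. The sample file contents are constructed and contain no real credentials.

```python
"""Parse the .env format described above (added example, not aide.sh code)."""
import re

# KEY is an identifier, optionally prefixed with "export "; VALUE is the rest of
# the line and may itself contain "=" (URLs with query strings, for instance).
_LINE = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")


def parse_dotenv(text):
    """Return an ordered dict of KEY -> VALUE, raising ValueError on bad input."""
    secrets = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or full-line comment
        m = _LINE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: expected KEY=VALUE, got {raw!r}")
        key, value = m.group(1), m.group(2)
        if value[:1] in ("'", '"'):
            # Quoted value: keep everything inside the quotes verbatim, including
            # "#" and "=", and allow only whitespace or a comment after the close.
            quote = value[0]
            end = value.find(quote, 1)
            if end == -1:
                raise ValueError(f"line {lineno}: unterminated {quote} in {key}")
            rest = value[end + 1:].strip()
            if rest and not rest.startswith("#"):
                raise ValueError(f"line {lineno}: trailing data after quoted value")
            value = value[1:end]
        else:
            # Unquoted value: a " #" begins a trailing comment (dotenv convention);
            # a "#" without a preceding space (COLOR=#ff0000) stays part of the value.
            value = value.split(" #", 1)[0].rstrip()
        if key in secrets:
            # Duplicates usually mean a copy-paste mistake; refuse rather than
            # letting the later line silently win.
            raise ValueError(f"line {lineno}: duplicate key {key}")
        secrets[key] = value
    return secrets


def is_rejected(text):
    """True if parse_dotenv refuses the text (helper for the checks below)."""
    try:
        parse_dotenv(text)
    except ValueError:
        return True
    return False


# Constructed sample .env; the values are placeholders, not real credentials.
SAMPLE_ENV = """\
# mail and course-platform credentials (constructed sample)
NTU_COOL_TOKEN=abc123
export SMTP_USER=user@example.com
SMTP_PASS="hunter2 #not-a-comment"
DB_URL=postgres://user:pw@db.internal/app?sslmode=require   # trailing comment dropped
POP3_USER='quoted-value'
"""

if __name__ == "__main__":
    for k, v in parse_dotenv(SAMPLE_ENV).items():
        print(f"{k} = {v!r}")
```

The duplicate-key and unterminated-quote rejections are this example's own choices; the page does not say how `vault import` treats such lines, so check the tool's behaviour before relying on either.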

Set individual secrets

$ aide.sh vault set NTU_COOL_TOKEN=abc123
Set NTU_COOL_TOKEN

$ aide.sh vault set SMTP_USER=user@example.com SMTP_PASS=hunter2
Set SMTP_USER
Set SMTP_PASS

Check vault status

$ aide.sh vault status
Vault: ~/.aide/vault.db (encrypted, AES-256-GCM)
Secrets: 5 stored
  NTU_COOL_TOKEN   set 2025-06-01
  SMTP_USER        set 2025-06-01
  SMTP_PASS        set 2025-06-01
  POP3_USER        set 2025-06-01
  POP3_PASS        set 2025-06-01

Rotate encryption key

$ aide.sh vault rotate
Vault key rotated. All secrets re-encrypted.

Three-tier environment scoping

When a skill runs, environment variables are resolved in this order (highest priority first):

  1. Per-skill env — variables listed in [skills.NAME] env
  2. Per-agent env — variables listed in [env] required and optional
  3. Vault — global secrets available to all agents

If the same key exists at multiple levels, the highest-priority value wins.

# Agentfile.toml
[skills.email]
script = "skills/email.sh"
env = ["SMTP_USER", "SMTP_PASS"]   # tier 1, per-skill: checked first

[env]
required = ["NTU_COOL_TOKEN"]       # tier 2, per-agent: checked second
optional = ["SMTP_USER"]            # tier 2, per-agent: checked second

# Tier 3, the vault, is checked last. It is not declared in Agentfile.toml;
# its contents are whatever `aide.sh vault status` lists.
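The precedence rule is easy to state and easy to get wrong when the same name appears in more than one tier. The function below is an added example, not aide.sh's resolver: it merges the three tiers lowest priority first so that higher tiers overwrite, records which tier supplied each value, reports every override (a skill-level value silently shadowing a vault secret is exactly the kind of thing you want to see when debugging), and refuses to run when a `required` name has no value anywhere. The page does not say where skill-level and agent-level *values* are stored, so each tier is modelled here simply as a name-to-value mapping; the overriding values in `AGENT_ENV` and `SKILL_ENV` are hypothetical.

```python
"""Three-tier environment resolution (added example, not aide.sh's implementation)."""


class MissingRequired(Exception):
    """A name listed in [env] required has no value at any tier."""


def resolve_env(skill_env, agent_env, vault, required=()):
    """Merge the tiers with skill > agent > vault precedence.

    Returns (env, sources, shadowed):
      env      - final name -> value mapping handed to the skill
      sources  - which tier supplied each value: "skill", "agent" or "vault"
      shadowed - (name, losing_tier, winning_tier) for every override
    """
    env, sources, shadowed = {}, {}, []
    # Lowest priority first, so each later tier overwrites the earlier one.
    for tier_name, tier in (("vault", vault), ("agent", agent_env), ("skill", skill_env)):
        for name, value in tier.items():
            if name in env:
                shadowed.append((name, sources[name], tier_name))
            env[name] = value
            sources[name] = tier_name
    missing = sorted(n for n in required if n not in env)
    if missing:
        raise MissingRequired("no value at any tier for: " + ", ".join(missing))
    return env, sources, shadowed


# Constructed sample data. VAULT mirrors the names in the `vault status` listing
# above with placeholder values; AGENT_ENV and SKILL_ENV are hypothetical overrides.
VAULT = {
    "NTU_COOL_TOKEN": "abc123",
    "SMTP_USER": "user@example.com",
    "SMTP_PASS": "hunter2",
    "POP3_USER": "pop@example.com",
    "POP3_PASS": "p@ss w0rd!",
}
AGENT_ENV = {"SMTP_USER": "bot@example.com"}
SKILL_ENV = {"SMTP_USER": "email-skill@example.com"}
REQUIRED = ["NTU_COOL_TOKEN"]  # from [env] required in the Agentfile above


def email_skill_env():
    """Resolve the environment the email skill would receive."""
    return resolve_env(SKILL_ENV, AGENT_ENV, VAULT, REQUIRED)


def missing_required_is_rejected():
    """A vault without NTU_COOL_TOKEN must fail the required check."""
    try:
        resolve_env({}, {}, {"SMTP_PASS": "hunter2"}, required=["NTU_COOL_TOKEN"])
    except MissingRequired:
        return True
    return False


if __name__ == "__main__":
    env, sources, shadowed = email_skill_env()
    for name in sorted(env):
        print(f"{name:<15} from {sources[name]}")
    for name, lost, won in shadowed:
        print(f"note: {name} at tier '{lost}' is shadowed by tier '{won}'")
```

Here `SMTP_USER` is defined at all three tiers and the skill-level value wins, while `SMTP_PASS` falls through to the vault. The `shadowed` list is the audit trail: if a skill authenticates as the wrong user, it tells you which tier to look at.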

Credential leak scanning

aide.sh scans skill output for potential secret leaks:

$ aide.sh exec bot email check
[warn] Potential secret detected in output (SMTP_PASS pattern). Use --allow-leak to suppress.

This is a best-effort check: it can only flag patterns it knows about and will miss a secret that is split across lines, printed partially, or encoded in a way the scanner does not expect. Always review scripts that handle sensitive data.
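To make the limits of such a scan concrete, the following is an added example of the approach, not aide.sh's scanner: it looks for each vault value in skill output in plain, base64 and URL-encoded form (the three encodings behind most "debug print" and "credential in URL" leaks), reports the line and encoding of each hit, and produces a redacted copy of the output. The secrets and the skill output are constructed samples with placeholder values.

```python
"""Best-effort scan of skill output for leaked vault values (added example)."""
import base64
import urllib.parse

MIN_LEN = 6  # values shorter than this match too much ordinary text


def encoded_forms(value):
    """Map encoding name -> search needle for one secret value.

    Forms identical to an earlier one are dropped: URL-encoding a value with no
    special characters yields the value itself, and we do not want double hits.
    """
    forms = {
        "plain": value,
        "base64": base64.b64encode(value.encode()).decode(),
        "urlencoded": urllib.parse.quote(value, safe=""),
    }
    unique, seen = {}, set()
    for enc, needle in forms.items():
        if needle not in seen:
            seen.add(needle)
            unique[enc] = needle
    return unique


def scan_output(output, secrets):
    """Return sorted (line_no, secret_name, encoding) tuples for every hit."""
    findings = []
    lines = output.splitlines()
    for name, value in secrets.items():
        if len(value) < MIN_LEN:
            continue
        for enc, needle in encoded_forms(value).items():
            for lineno, line in enumerate(lines, 1):
                if needle in line:
                    findings.append((lineno, name, enc))
    return sorted(findings)


def redact(output, secrets):
    """Replace each encoded form of each secret with a placeholder naming it."""
    for name, value in secrets.items():
        if len(value) < MIN_LEN:
            continue
        for enc, needle in encoded_forms(value).items():
            output = output.replace(needle, f"<redacted:{name}:{enc}>")
    return output


# Constructed vault contents (placeholder values, same names as `vault status` above).
SECRETS = {
    "NTU_COOL_TOKEN": "abc123",
    "SMTP_USER": "user@example.com",
    "SMTP_PASS": "hunter2",
    "POP3_USER": "pop@example.com",
    "POP3_PASS": "p@ss w0rd!",
}

# Constructed skill output: an AUTH PLAIN blob, a debug print, and a password
# that ended up URL-encoded in a query string.
SAMPLE_OUTPUT = """\
[email] connecting to smtp.example.com as user@example.com
[email] AUTH PLAIN dXNlckBleGFtcGxlLmNvbQ==
[email] debug: password=hunter2
[email] debug: url=https://mail.example.com/login?pw=p%40ss%20w0rd%21
[email] sent 3 messages
"""

if __name__ == "__main__":
    for lineno, name, enc in scan_output(SAMPLE_OUTPUT, SECRETS):
        print(f"[warn] line {lineno}: {name} leaked ({enc})")
    print(redact(SAMPLE_OUTPUT, SECRETS))
```

Note what this cannot do: a value printed in hex, split across two lines, or truncated to its first few characters passes unflagged, and a short secret is skipped outright to avoid drowning real hits in false positives. That is the sense in which any such scan, aide.sh's included, is best effort.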

Security notes

  • The vault database is stored at ~/.aide/vault.db
  • Encryption uses AES-256-GCM with a key derived from your system keychain
  • aide.sh never writes secrets to disk in plaintext; a .env file you import is your own plaintext copy, so delete it once the import succeeds
  • Values passed to aide.sh vault set on the command line end up in your shell history and are briefly visible in the process list; prefer aide.sh vault import from a file with restrictive permissions for anything sensitive
  • aide.sh vault export is intentionally not supported