setup-credentials

Facilitates secure credential setup for agents, detecting missing credentials and offering authentication options for seamless integration.

Install this skill

or

44/100

Security score

The setup-credentials skill was audited on Feb 12, 2026 and we found 20 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 3

Access to hidden dotfiles in home directory

SourceSKILL.md

3	description: Set up and install credentials for an agent. Detects missing credentials from agent config, collects them from the user, and stores them securely in the encrypted credential store at ~/.h

low line 53

Access to hidden dotfiles in home directory

SourceSKILL.md

53	# Use encrypted storage (default: ~/.hive/credentials)

medium line 186

Access to hidden dotfiles in home directory

SourceSKILL.md

186	Also save to `~/.hive/configuration.json` for the framework:

low line 212

Access to hidden dotfiles in home directory

SourceSKILL.md

212	# - Creates encrypted local storage at ~/.hive/credentials

low line 300

Access to hidden dotfiles in home directory

SourceSKILL.md

300	(This will be stored securely in ~/.hive/credentials)

low line 366

Access to hidden dotfiles in home directory

SourceSKILL.md

366	- Pre-populate ~/.hive/credentials programmatically

medium line 374

Access to hidden dotfiles in home directory

SourceSKILL.md

374	Track which auth method was used for each credential in `~/.hive/configuration.json`:

medium line 430

Access to hidden dotfiles in home directory

SourceSKILL.md

430	- The user MUST persist this key (e.g., in `~/.bashrc` or a secrets manager)

medium line 432

Access to hidden dotfiles in home directory

SourceSKILL.md

432	- This is the ONLY secret that should live in `~/.bashrc` or environment config

medium line 438

Access to hidden dotfiles in home directory

SourceSKILL.md

438	3. Recommend adding it to `~/.bashrc` or their shell profile

medium line 446

Access to hidden dotfiles in home directory

SourceSKILL.md

446	- ALWAYS use the encrypted credential store (`~/.hive/credentials`) for persistence

medium line 449

Access to hidden dotfiles in home directory

SourceSKILL.md

449	- When modifying `~/.bashrc` or `~/.zshrc`, confirm with the user first

low line 556

Access to hidden dotfiles in home directory

SourceSKILL.md

556	Agent: Would you like me to save this to your shell config (~/.zshrc) for future sessions?

low line 559

Access to hidden dotfiles in home directory

SourceSKILL.md

559	[Saves to ~/.zshrc and ~/.hive/configuration.json]

medium line 488

Access to .env file

SourceSKILL.md

488	- CredentialManager only reads from environment variables and .env files (no encryption, no refresh)

low line 150

External URL reference

SourceSKILL.md

150	url = get_aden_setup_url() # https://integration.adenhq.com/setup

low line 197

External URL reference

SourceSKILL.md

197	"api_url": "https://api.adenhq.com"

low line 216

External URL reference

SourceSKILL.md

216	base_url="https://api.adenhq.com",

low line 227

External URL reference

SourceSKILL.md

227	print("Please visit https://integration.adenhq.com to connect HubSpot, then try again.")

low line 242

External URL reference

SourceSKILL.md

242	base_url="https://api.adenhq.com",

Scanned on Feb 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 55

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw api devops-sre backend-developer technical-support development support

NeverSight/skills_feed