feat(tsm): allow agents to sweep naked creds via tsm add#10
Closed
tashian wants to merge 2 commits into
Closed
Conversation
…alues)
Refactors `runAdd` into `runAddWith(addOptions)` so tests can inject stdin and
stdout, mirroring the seam used by `runGetWith` in cmd/get.go.
Replaces the `bufio.Scanner` stdin reader with `io.ReadAll` + `TrimRight("\n")`
so values larger than the 64 KB scanner buffer (PEM bundles, GCP service-account
JSON) and multi-line values (which scanner would silently truncate at the first
newline) work correctly. Trailing-newline stripping matches `--from-file`
semantics.
Adds `cmd/add_test.go` (was missing) to lock the agent-facing contract:
- StdinPipe: piped value is sent as `value`, name/display_name/description
travel through unchanged.
- FromFile: trailing newline trimmed.
- LargeStdinValue: 256 KB value round-trips intact (regression guard for
bufio.Scanner).
- MultiLineStdinValue: PEM-style multi-line value preserves internal newlines.
- RejectsValueFlag: regression guard for the CLAUDE.md rule that `--value` must
never be added to `tsm add` (would leak via `ps`/shell history).
- MissingNameNonInteractive / MissingValueNonInteractive: existing validation
errors fire as expected.
- JSONOutput: `--json` emits machine-parseable `{"ok":true}` with no human
prose.
- SendsTagsAndConfirm: `--tags` arrives as a slice; `--confirm true` arrives as
a bool (omitted when false).
Refs #6
Inverts the credential-usage skill's blanket ban on `tsm add`: agents may now move discovered cleartext credentials into the vault following a documented safe workflow. Bans on `edit`, `remove`, `reset`, `init`, and `config set` remain — those are still user-driven. Adds §5 "Sweeping naked credentials into the vault" with: - the 7-step workflow (discover, choose id, announce, move via stdin/file, verify, replace call site, warn about git history); - safe transports (`printf '%s' | tsm add`, `--from-file`) and an explanation of why `printf` is safe in `bash -c` (shell builtin → not in `ps`); - a "Never" subsection covering add-time hazards: no `--value`, no positional value, no `echo` (not always builtin in fish), no heredocs (shell history), no chat-paste, no scratch files, no premature source deletion, no autonomous `git filter-repo`; - a worked end-to-end example sweeping `OPENAI_API_KEY` from `.env` to a vault entry tagged `swept`, including the agent's announce/closing messages. Updates the frontmatter `description` so the dispatcher loads the skill on "audit my repo for hardcoded secrets" / "sweep naked credentials" tasks. Adds a forward link from §4 to §5 so the remaining mutation bans aren't read as also banning sweeps. Closes #6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
tsm add: agents may now move discovered cleartext credentials into the vault following a documented safe workflow.edit,remove,reset,init, andconfig set(still user-driven).bufio.ScannerinrunAddwithio.ReadAll+TrimRightso stdin values >64KB and multi-line values work.cmd/add_test.go(was missing) to lock the agent-facing contract: stdin pipe, --from-file, large value, multi-line value, --json output, no--valueflag, missing-name error.Closes #6
Test plan
go test ./cmd/...passestsm addstill rejects a--valueflag (regression test confirms)