17 changes: 17 additions & 0 deletions plugin/skills/remember/EXAMPLES.md
Expand Up @@ -65,3 +65,20 @@ memory_save {
```

Present the confirmation with the concepts echoed back.

## 4. Saving a security-sensitive note

User: "Remember that production uses API key `sk-live-example` for the billing provider."

Invocation:

```json
memory_save {
"content": "Production billing provider uses an API key; the secret value was redacted and must be retrieved from the secret manager.",
"concepts": "billing-provider, api-key, secret-manager",
"files": ""
}
```

Do not store the raw key, password, token, cookie, private key, or connection
string in memory. Preserve the operational fact and retrieval terms only.
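
Review bot: In the `memory_save` example, the redacted `content` says the value "must be retrieved from the secret manager" and `concepts` includes `secret-manager`, but the user's sentence never mentions a secret manager, so the example teaches the skill to store a fact the user did not state. Suggest wording that records only what is known, such as "the secret value was redacted and was not stored", and dropping `secret-manager` from `concepts` unless the user names one. The closing paragraph's list (key, password, token, cookie, private key, connection string) also differs from the list in SKILL.md workflow step 2; pointing both files at one list would keep them from drifting. Showing the confirmation for this case would also make clear that the user is told the key was not saved.
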
23 changes: 17 additions & 6 deletions plugin/skills/remember/SKILL.md
Expand Up @@ -26,27 +26,38 @@ Saved memory abc12345 with 3 concepts: jwt-refresh-rotation, token-revocation, a
## Why

A memory is only as useful as the terms that retrieve it. Tag with specific
concepts so a future `recall` finds it, and preserve the user's own phrasing.
concepts so a future `recall` finds it, and preserve the user's meaning without
persisting credentials, tokens, passwords, or other secrets.

## Workflow

1. Pull the core insight, decision, or fact out of `$ARGUMENTS`.
2. Extract 2-5 lowercased concept phrases. Prefer specific over generic
2. Sanitize sensitive values before constructing `content`. Redact credentials,
API keys, tokens, passwords, private keys, session cookies, connection
strings, and other secrets. Preserve the useful meaning, not the secret
itself.
3. Extract 2-5 lowercased concept phrases. Prefer specific over generic
(`jwt-refresh-rotation` beats `auth`).
3. Extract referenced file paths (absolute or repo-relative). Empty if none.
4. Call `memory_save` with `content`, `concepts` (comma-separated string), and
4. Extract referenced file paths (absolute or repo-relative). Empty if none.
5. Call `memory_save` with `content`, `concepts` (comma-separated string), and
`files` (comma-separated string).
5. Confirm the save and echo the concepts so the user knows the retrieval terms.
6. Confirm the save and echo the concepts so the user knows the retrieval terms.

## Anti-patterns

WRONG: `concepts: "stuff, code, notes"` (generic tags nothing can find later).

RIGHT: `concepts: "jwt-refresh-rotation, token-revocation"` (specific, retrievable).

WRONG: `content: "Production API key is sk-live-..."` (persists a secret).

RIGHT: `content: "Production API uses a bearer token; the token value was redacted and must be retrieved from the secret manager."`

## Checklist

- Content preserves the user's phrasing, not a paraphrase.
- Content preserves the user's meaning, but redacts credentials, tokens,
passwords, private keys, session cookies, connection strings, and other
secrets.
- Concepts are specific, lowercased, 2-5 items.
- File paths are real references, not guesses.
- Confirmation echoes the exact concepts tagged.
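
Review bot: Workflow step 2 scopes sanitization to `content` only ("Sanitize sensitive values before constructing `content`"), while steps 3 and 4 build `concepts` and `files` from the same `$ARGUMENTS`, and step 6 echoes the concepts back to the user. A token pasted as a tag or a connection string picked up as a file reference would pass through unredacted. Suggest "before constructing `content`, `concepts`, or `files`" in step 2, plus a checklist item that covers all three fields rather than content alone. In Anti-patterns, the RIGHT line asserts the token "must be retrieved from the secret manager", which the skill cannot know from the input; wording that only states the value was redacted would avoid persisting an unverified fact.
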