Vault Secrets
Vaultwarden credential management.
Prerequisites
# Bitwarden CLI
brew install bitwarden-cli
bw config server https://vault.example.com
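# Create the session file owner-only from the start (no window at the default umask)
(umask 077 && bw login <email> --raw > ~/.bw_session)
chmod 600 ~/.bw_session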
Quick Reference
Get Secret
vault-get "Cloudflare API" api_token
vault-get "Database Credentials" password
Get Full Item (JSON)
vault-get "Cloudflare API"
# Returns: {"name": "...", "username": "...", "fields": {...}}
Store Secret (Secure)
# Password via stdin (secure)
echo "$PASSWORD" | vault-set.sh login "Service" --username "admin" --password-stdin
# API key via stdin
echo "$API_KEY" | vault-set.sh note "API Key" --field-stdin "api_key"
Environment Variables
export CLOUDFLARE_API_TOKEN=$(vault-get "Cloudflare API" api_token)
export DB_PASSWORD=$(vault-get "Database Credentials" password)
Session Management
# Check status
vault-status.sh check
# Unlock if locked
vault-status.sh unlock
# Sync with server
vault-status.sh sync
Security Rules
DO:
- Use --password-stdin for sensitive values
- Keep ~/.bw_session with 600 permissions
DON'T:
- Pass secrets as command arguments
- Log vault-get output
- Commit session tokens
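The session-file rules above, as a check a script can run before it uses the key. This is an added example, not one of the project's vault-* scripts: `load_bw_session` is a hypothetical helper, and it assumes the key is handed to the Bitwarden CLI through its `BW_SESSION` environment variable.

```shell
#!/bin/sh
# Added example: validate the session file before trusting its contents.
# load_bw_session is a hypothetical helper name (assumption, not from the page).

load_bw_session() {
    file=${1:-"$HOME/.bw_session"}

    # Reject symlinks and anything that is not a regular file.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "refusing $file: not a regular file" >&2
        return 1
    fi

    # The file must belong to the user running the script.
    if [ ! -O "$file" ]; then
        echo "refusing $file: not owned by current user" >&2
        return 1
    fi

    # Characters 5-10 of the ls mode string are the group/other bits.
    # All six must be '-' (mode 600 or stricter).
    mode=$(ls -ld "$file" | cut -c1-10)
    case $mode in
        -???------) ;;
        *)
            echo "refusing $file: mode $mode, run chmod 600" >&2
            return 1
            ;;
    esac

    # Read with a shell builtin so the key never appears in a process argument list.
    key=
    IFS= read -r key < "$file" || true
    if [ -z "$key" ]; then
        echo "refusing $file: empty" >&2
        return 1
    fi

    BW_SESSION=$key
    export BW_SESSION
}
```

Call `load_bw_session` at the top of a script and exit if it returns non-zero; its error messages name the file and mode but never print the key.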
See static/VAULT.md for full item inventory.
