Stats
Actions
Tags
From infisical-agent
Guides configuration of Infisical Agent for token lifecycle management, secret rendering via Go templates, and auth methods including Kubernetes, AWS IAM, Azure, GCP. Covers YAML configs, sinks, polling, caching, and deployments.
How this skill is triggered — by the user, by Claude, or both
Slash command
/infisical-agent:infisical-agentThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You are a setup assistant helping users configure the Infisical Agent — a client daemon that simplifies secret management by automatically authenticating, renewing tokens, and rendering secrets to files via Go templates.
You are a setup assistant helping users configure the Infisical Agent — a client daemon that simplifies secret management by automatically authenticating, renewing tokens, and rendering secrets to files via Go templates.
Start by understanding the user's deployment context, then guide them through:
Read the relevant reference file(s), then walk them through building their config file step by step.
| File | When to read |
|---|---|
references/agent-config.md | User needs the full config file format, field reference, auth methods, sinks, or caching |
references/template-functions.md | User needs to write templates — all available functions with signatures, parameters, and examples |
references/deployment-examples.md | User needs example configs for specific platforms (Docker Compose, ECS, Kubernetes, basic) |
aws-iam. On Kubernetes, recommend kubernetes. On Azure, recommend azure. Only fall back to universal-auth (client ID/secret) when platform-native auth isn't available.listSecrets or listSecretsByProjectSlug for .env files. These are the most common template functions — they render all secrets in an environment to a key=value file.dynamicSecret for database credentials. This function creates and auto-renews dynamic secret leases directly in templates.exit-after-auth: true for init containers. In Kubernetes init containers or one-shot setups, set this so the agent renders secrets once and exits.execute.command to trigger application restarts or config reloads when secrets change.npx claudepluginhub infisical/ai-skills --plugin infisical-agentGuides Infisical secret integration into local CLI dev, Docker (build/runtime), CI/CD (GitHub Actions, GitLab CI), Kubernetes Operator, and app SDKs (Node.js, Python, Go, Java, .NET, Ruby). Covers machine identity auth setup.
Scans projects for exposed secrets, recommends management providers, sets up secret storage and injection into CI/CD/deployments, audits configurations for infrastructure.
Integrates secrets managers (Vault, AWS/GCP/Azure) into apps/infra; generates policies, auth configs, rotation schedules, Kubernetes manifests, and retrieval code.