AgentSkillsCN

decrypt-secrets

为远程会话解密 MCP 令牌。

SKILL.md
--- frontmatter
name: decrypt-secrets
description: Decrypt MCP tokens for remote sessions

Decrypt Secrets

Decrypt your encrypted MCP tokens at the start of a remote session.

When to Use

  • At the start of a remote/web session when MCP servers need tokens
  • When you see "Encrypted secrets found but not decrypted" in session startup
  • When MCP servers fail due to missing authentication

How It Works

  1. Your tokens are stored encrypted in .env.local.encrypted (safe to commit)
  2. Running this decrypts them to .env.local (gitignored)
  3. MCP servers then use the tokens automatically

Instructions

Run the decryption script and enter your passphrase:

bash
node scripts/secrets/decrypt-secrets.js

You'll be prompted for the passphrase you set when encrypting.

First-Time Setup

If you haven't encrypted your secrets yet:

  1. Add your tokens to .env.local:

    code
    GITHUB_TOKEN=ghp_your_token
    SONAR_TOKEN=sqp_your_token
    CONTEXT7_API_KEY=your_key
    
  2. Encrypt them:

    bash
    node scripts/secrets/encrypt-secrets.js
    
  3. Commit .env.local.encrypted to your repo

  4. In future sessions, just run the decrypt script

Security Notes

  • .env.local is gitignored - your actual tokens are never committed
  • .env.local.encrypted uses AES-256-GCM encryption
  • Choose a strong passphrase (8+ characters)
  • Your passphrase is never stored anywhere