Keycard – inject API keys into subprocesses, never touch shell env
jijane
20 points
12 comments
April 16, 2026
Discussion Highlights (8 comments)
absoluteunit1
Is this similar to what Infisical does?
serious_angel
Thank you! Hurray! Yet another brand new credentials "local-first" cloud with very transparent and intuitive brand name, that is going to be "responsible" for "decades" (hopefully years) of storing and maintaining someone's credentials with undisclosed infrastructure, legal terms in cases of the credentials leaked during a bug (e.g. at E2EE/secure channel session), and no actual comparison stated between the current competitors, including DotEnv cloud service, BitWarden, 1Password, KeePass-based etc.! No, sorry, neither I nor anyone I know would trust credentials to any organization with so little transparency and lack of guarantees, also considering audited alternatives. Oh, and indeed, where is the key card? Is it in an ASCII art somewhere in documentation? The design is nice, however, but... may I ask, how much non-AI work was done, if any?
Wicher
I couldn't find the technique used above the fold (or a short way below). Is this something more (and something more interesting) than just standard spawned process inheriting the parent process environment? IOW is this actually injecting in the true sense of the word? Because that'd be interesting.
zemo
> Password manager > No CLI injection.
reminds me of the 1password cli: https://developer.1password.com/docs/cli/reference/commands/...
na4ma4
For dev-first environments, I just wrote a simple wrapper for 1password <https://github.com/na4ma4/1password-direnv-tool>, although I found their application SDK to be quite broken (will stop working after a few hours for no idea why), I didn't write it for anyone other than me, so it works fine for my use case :). I find it super easy to just make a document, and enter key-val details as attributes.
cr125rider
Every LLM site looks like Vercel which is such a shame.
evanelias
I assume other processes running as the same user can still freely read the environment, for example using `ps -Eww` on Mac or inspecting /proc on Linux, right? If so, that's an easy way for a rogue process to bypass the local encrypted vault entirely.
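The general Linux behaviour raised in the comment above, as an added example that is not part of the thread and not Keycard's code: a secret placed only in a child's environment shows up in `/proc/<pid>/environ` for any process of the same user, while one handed over on stdin does not. `DEMO_API_KEY`, its value and the helper names are constructed for illustration; on systems without `/proc` (e.g. macOS) the check reports `None`.

```python
import os
import subprocess
import sys

SECRET_NAME = "DEMO_API_KEY"                  # hypothetical variable name
SECRET_VALUE = "constructed-not-a-real-key"   # constructed sample value


def read_environ(pid):
    """Parse /proc/<pid>/environ (NUL-separated KEY=VALUE); None if unreadable."""
    try:
        with open(f"/proc/{pid}/environ", "rb") as f:
            raw = f.read()
    except OSError:
        return None
    env = {}
    for item in raw.split(b"\0"):
        if b"=" in item:
            key, value = item.split(b"=", 1)
            env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env


def secret_visible_in_proc(via_env):
    """Spawn a child that holds the secret and report whether a same-user
    observer finds it in the child's /proc environ (None if /proc is missing)."""
    env = dict(os.environ)
    if via_env:
        env[SECRET_NAME] = SECRET_VALUE       # child-only; parent env untouched
    child = subprocess.Popen(
        [sys.executable, "-c", "import sys; sys.stdin.read()"],  # waits for EOF
        env=env, stdin=subprocess.PIPE)
    try:
        if not via_env:
            child.stdin.write(SECRET_VALUE.encode() + b"\n")     # pipe delivery
            child.stdin.flush()
        seen = read_environ(child.pid)
    finally:
        child.stdin.close()
        child.wait()
    return None if seen is None else SECRET_NAME in seen


if __name__ == "__main__":
    print("in parent env:        ", SECRET_NAME in os.environ)
    print("env delivery visible: ", secret_visible_in_proc(via_env=True))
    print("stdin delivery visible:", secret_visible_in_proc(via_env=False))
```

Delivering the secret over a pipe or file descriptor keeps it out of the environment listing, but the receiving program has to support reading it that way.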
mrorigo
It literally takes 20 minutes to hack this together with an agent and tell it to 'create a stunning landing page'.. https://mrorigo.github.io/envkey/