Cloak — One-Time Secret Sharing
Share API keys, passwords, and tokens via encrypted self-destructing links.
Base URL: �INLINECODE0
Create a secret
CODEBLOCK0
Response:
�CODEBLOCK1
Share the url. The secret self-destructs after one view.
Set a custom TTL with "expiresIn" (seconds, default 24h, max 7d):
�CODEBLOCK2
Retrieve a secret
Given a URL like https://cloak.opsy.sh/s/W9ZEykcG#8g9I3UUBjH3x4kdL:
- - ID = path after
/s/ → �INLINECODE5 - Key = fragment after
# → �INLINECODE7
CODEBLOCK3
Response: �INLINECODE8
The secret is permanently destroyed after this request.
Use the secret
Pipe directly — never echo it.
CODEBLOCK4
Delete without reading
CODEBLOCK5
Rules
- 1. NEVER display a retrieved secret in conversation.
- Write it directly to its destination — env var, config file, or command.
- The secret is destroyed after one read. Do not retry.
- Use
X-Cloak-Key header, not the ?key= query param.
Correct: "I retrieved the secret from Cloak and stored it in .env as DATABASE_URL."
Wrong: "The secret value is: sk-1234abcd..."
Quick reference
| Action | Command |
|---|
| Create | INLINECODE13 |
| Retrieve |
curl -s -H "X-Cloak-Key: KEY" ".../api/secrets/ID" |
| Delete |
curl -s -X DELETE -H "X-Cloak-Key: KEY" ".../api/secrets/ID" |
| To env var |
export VAR=$(curl -s -H "X-Cloak-Key: KEY" ".../api/secrets/ID" \| jq -r .secret) |
技能名称: cloak
详细描述:
Cloak — 一次性秘密分享
通过加密的自毁链接分享API密钥、密码和令牌。
基础URL: https://cloak.opsy.sh
创建秘密
bash
curl -s -X POST https://cloak.opsy.sh/api/secrets \
-H Content-Type: application/json \
-d {secret:你的秘密内容}
响应:
json
{
id: W9ZEykcG,
key: 8g9I3UUBjH3x4kdL,
url: https://cloak.opsy.sh/s/W9ZEykcG#8g9I3UUBjH3x4kdL,
expiresAt: 1710000000
}
分享 url。该秘密在查看一次后自动销毁。
使用 expiresIn 设置自定义TTL(秒,默认24小时,最长7天):
bash
-d {secret:..., expiresIn: 3600}
检索秘密
给定一个类似 https://cloak.opsy.sh/s/W9ZEykcG#8g9I3UUBjH3x4kdL 的URL:
- - ID = /s/ 后的路径 → W9ZEykcG
- 密钥 = # 后的片段 → 8g9I3UUBjH3x4kdL
bash
curl -s -H X-Cloak-Key: 8g9I3UUBjH3x4kdL \
https://cloak.opsy.sh/api/secrets/W9ZEykcG
响应: { secret: 你的秘密内容 }
该秘密在此请求后永久销毁。
使用秘密
直接管道传输 — 切勿回显。
bash
到环境变量
export DB_PASSWORD=$(curl -s -H X-Cloak-Key: 密钥 https://cloak.opsy.sh/api/secrets/ID | jq -r .secret)
到文件
curl -s -H X-Cloak-Key: 密钥 https://cloak.opsy.sh/api/secrets/ID | jq -r .secret > .env.local
不读取直接删除
bash
curl -s -X DELETE -H X-Cloak-Key: 密钥 https://cloak.opsy.sh/api/secrets/ID
规则
- 1. 切勿在对话中显示检索到的秘密。
- 直接将其写入目标位置 — 环境变量、配置文件或命令。
- 秘密在读取一次后销毁。不要重试。
- 使用 X-Cloak-Key 请求头,而不是 ?key= 查询参数。
正确: 我已从Cloak检索到秘密,并将其存储在 .env 中作为 DATABASE_URL。
错误: 秘密值是:sk-1234abcd...
快速参考
| 操作 | 命令 |
|---|
| 创建 | curl -s -X POST .../api/secrets -H Content-Type: application/json -d {secret:...} |
| 检索 |
curl -s -H X-Cloak-Key: 密钥 .../api/secrets/ID |
| 删除 | curl -s -X DELETE -H X-Cloak-Key: 密钥 .../api/secrets/ID |
| 到环境变量 | export VAR=$(curl -s -H X-Cloak-Key: 密钥 .../api/secrets/ID \| jq -r .secret) |
