infisical-agentlisted

How to consume Infisical secrets from every Walter-OS surface — operator shells, walter-host Docker services, Vercel deploys, Railway services, GitHub Actions, n8n workflows, Cursor, Claude Code. The unifying principle: NEVER paste secrets into config files; always pull from Infisical at runtime via CLI / SDK / native integration. Use this skill when the user asks "how do I use this secret in <X>", "Infisical setup for Vercel", "secrets in GitHub Actions", "n8n credentials".
Xipher-Labs/walter-os · ★ 5 · AI & Automation · score 67

Install: claude install-skill Xipher-Labs/walter-os

# Infisical agent — secrets across the stack Infisical (`secrets.${WALTER_DOMAIN}`) is the single source of truth. The mechanism to *consume* differs per platform but the principle is one: **plaintext secrets never live in your repos, dotfiles, or compose files**. ## The big picture ``` ┌──────────────────────────────────┐ │ Infisical (Walter-VM) │ │ workspaces: │ │ walter-os │ │ walter-vm-internal │ │ [company] │ │ [project-a] │ │ [project-b] │ │ hackaton │ └──────────────┬───────────────────┘ │ ┌───────────┬──────────┬────┴────┬─────────┬───────────┐ │ │ │ │ │ │ Operator Walter-VM Vercel Railway GitHub n8n shells (Docker (native) (native) Actions (built-in agent w/ (action) node) auto-renew) ``` Five distinct integration surfaces, one source of truth. ## 1. Operator shell — CLI + OS credential store See full detail in `skills/secrets-yubikey-unlock/`, the legacy-named credential-store bootstrap guide. Quick version: ```bash # Install brew install infisical/get-cli/infisical # Store th