# Infisical — Open-Source Secret Management > Manage API keys and secrets across teams and environments. Auto-sync to apps, rotation, audit logs. 25K+ GitHub stars. ## Install Save the content below to `.claude/skills/` or append to your `CLAUDE.md`: # Infisical — Open-Source Secret Management ## Quick Use ```bash brew install infisical/get-cli/infisical # Or: npm install -g @infisical/cli ``` ```bash # Login and pull secrets infisical login infisical init # Run your app with secrets injected infisical run -- python app.py # All secrets from your Infisical project are available as env vars ``` ```python # Or use the Python SDK from infisical_client import InfisicalClient client = InfisicalClient(token="your-machine-identity-token") secret = client.get_secret( secret_name="OPENAI_API_KEY", project_id="your-project", environment="production", ) print(secret.secret_value) ``` --- ## Intro Infisical is an open-source secret management platform with 25,700+ GitHub stars for storing, syncing, and rotating API keys, database credentials, and other secrets across teams and environments. For AI applications that juggle multiple LLM API keys (OpenAI, Anthropic, Gemini), database credentials, and service tokens, Infisical eliminates scattered .env files and hardcoded secrets. It provides a web dashboard, CLI, SDKs for 10+ languages, auto-sync to cloud services, secret rotation, and audit logs — everything you need to manage secrets properly. Works with: Python, Node.js, Go, Java, Ruby, .NET, AWS, GCP, Azure, Vercel, Docker, Kubernetes. Best for teams managing multiple API keys for LLM providers and cloud services. Setup time: under 5 minutes. --- ## Infisical Features ### Why Infisical for AI Apps? AI applications typically manage: - 3-5 LLM API keys (OpenAI, Anthropic, Google, Mistral, Groq) - Database credentials (PostgreSQL, Redis, vector DBs) - Cloud storage keys (S3, GCS) - Service tokens (GitHub, Slack, email) - Per-environment configs (dev, staging, production) Infisical centralizes all of these with access control, rotation, and audit. ### Web Dashboard - Visual secret management per project and environment - Team access control (RBAC) - Secret versioning and change history - Folder organization - Search and filter ### CLI Injection ```bash # Inject secrets as environment variables infisical run -- npm start infisical run -- python train_model.py infisical run -- docker compose up # Specific environment infisical run --env=production -- python deploy.py ``` ### SDKs (10+ Languages) ```python # Python from infisical_client import InfisicalClient client = InfisicalClient(token="...") api_key = client.get_secret("OPENAI_API_KEY", project_id="...", environment="prod") ``` ```typescript // Node.js import { InfisicalClient } from '@infisical/sdk'; const client = new InfisicalClient({ token: '...' }); const secret = await client.getSecret({ secretName: 'OPENAI_API_KEY', ... }); ``` ### Secret Rotation ```yaml # Auto-rotate API keys on a schedule rotation: - secret: OPENAI_API_KEY interval: 30d provider: custom script: rotate-openai-key.sh ``` ### Auto-Sync to Cloud Services Sync secrets automatically to: - AWS Secrets Manager / Parameter Store - GCP Secret Manager - Azure Key Vault - Vercel, Netlify, Railway - GitHub Actions, GitLab CI - Kubernetes Secrets - Docker Compose ### Audit Logs Every secret access is logged: - Who accessed which secret - When and from where - IP address and user agent - Exportable for compliance --- ## FAQ **Q: What is Infisical?** A: Infisical is an open-source secret management platform with 25,700+ GitHub stars for storing, syncing, and rotating API keys and secrets across teams, environments, and cloud services. **Q: Why not just use .env files?** A: .env files don't scale — they get committed to git, can't be rotated, have no access control, and are impossible to audit. Infisical provides centralized management, team RBAC, auto-rotation, cloud sync, and audit logs. **Q: Is Infisical free?** A: Yes, open-source under MIT (core). Self-host for free. Infisical Cloud has a free tier for small teams. --- ## Source & Thanks > Created by [Infisical](https://github.com/Infisical). Licensed under MIT. > > [infisical](https://github.com/Infisical/infisical) — ⭐ 25,700+ --- Source: https://tokrepo.com/en/workflows/infisical-open-source-secret-management-41fbcc5c Author: Skill Factory