Other

/launchd-secret-linter

Lint launchd plists for hardcoded secrets in EnvironmentVariables. Triggers: launchd plist, LaunchAgents, plist secret, raw API key in plist, secrets hygiene, op:// reference.

$ golems-cli skills install launchd-secret-linter

Updated 1 week ago

A launchd plist that hardcodes a secret in EnvironmentVariables leaks it into the user-agent environment on first load and contaminates the whole fleet — the gen-18 specimen was a raw GOOGLE_API_KEY leaked exactly this way. A hardened plist carries only an op:// 1Password reference or $VAR env-indirection, never the literal. This skill makes that rule a mechanical, replayable gate.

Run it

python3 lint_cli.py ~/Library/LaunchAgents/*.plist   # exit 1 if any plist hardcodes a secret
python3 -m pytest tests/                              # the RED→GREEN gate (10 cases)

The CLI never prints secret values — only the plist, the env key, and the rule.

Rules (precision-biased — flag literals, never indirection)

RuleCatches
raw-secret-valueA value matching a known provider key shape — Google AIza…, OpenAI sk-…, GitHub ghp_/gho_/ghs_/ghu_…, Slack xox…, AWS AKIA…, a PEM -----BEGIN … PRIVATE KEY----- — that is a literal (not op://…, not $VAR).
literal-in-secret-named-varAn env var whose name says secret (*_API_KEY, *_TOKEN, *_SECRET, *PASSWORD*, *CREDENTIAL*, *PRIVATE_KEY*) whose value is a non-empty literal that is not an op:// reference or $-indirection.

op:// references and $VAR / ${VAR} indirection are always treated as the hardened (non-leaking) form and never flagged.

The hardened form

<key>GOOGLE_API_KEY</key>
<string>op://Private/google/api_key</string>   <!-- 1Password reference -->
<key>GH_TOKEN</key>
<string>$GH_TOKEN</string>                       <!-- env indirection -->