cast secrets
Manage secrets for your agents. Secrets are injected as environment variables when the agent runs.
cast secrets list
List all secrets for an agent.
Usage
Example
cast secrets list my-agent
Output
KEY CREATED
OPENAI_API_KEY 2024-01-15 10:30:00
DATABASE_URL 2024-01-15 10:30:00
Secret values are never displayed. Only the keys and creation dates are shown.
cast secrets set
Set a secret for an agent.
Usage
cast secrets set <slug> <key> <value>
Arguments
| Argument | Description |
|---|
slug | Agent slug |
key | Secret name (uppercase recommended) |
value | Secret value |
Examples
# Set an API key
cast secrets set my-agent OPENAI_API_KEY sk-abc123...
# Set a database URL
cast secrets set my-agent DATABASE_URL postgres://user:pass@host/db
Output
✓ Secret 'OPENAI_API_KEY' set for agent 'my-agent'
Setting a secret with an existing key will overwrite the previous value.
Interactive Mode
To avoid exposing secrets in shell history:
cast secrets set my-agent OPENAI_API_KEY
Enter value for OPENAI_API_KEY: ********
✓ Secret 'OPENAI_API_KEY' set for agent 'my-agent'
cast secrets delete
Delete a secret from an agent.
Usage
cast secrets delete <slug> <key>
Example
cast secrets delete my-agent OPENAI_API_KEY
Output
✓ Secret 'OPENAI_API_KEY' deleted from agent 'my-agent'
Using Secrets in Agents
Secrets are available as environment variables in your agent code:
// Access secrets in your agent
const openaiKey = process.env.OPENAI_API_KEY;
const databaseUrl = process.env.DATABASE_URL;
Built-in Secrets
Castari automatically provides these environment variables:
| Variable | Description |
|---|
ANTHROPIC_API_KEY | Your Anthropic API key (for Claude) |
You don’t need to set ANTHROPIC_API_KEY manually. Castari injects it automatically so your agents can use Claude.
Best Practices
- Use uppercase names —
DATABASE_URL not database_url
- Don’t commit secrets — Never put secrets in your agent code or git
- Use descriptive names —
STRIPE_SECRET_KEY not KEY1
- Rotate regularly — Update secrets periodically for security
See Also
