Rule DevOps

Secrets Management

Use a secrets manager; never store secrets in env files or code

devopssecretssecurity
CLAUDE.md

Use a secrets manager (Vault, AWS Secrets Manager, etc.) for production secrets. Never commit .env files, and don’t rely on environment variables alone, since they can leak through logs and process listings.

Copy this block into your CLAUDE.md or agent config file to enforce it in your workflow.

get crystl