entangle_secrets
Create quantum entanglement between two secrets so updates to the source automatically propagate to the target, ensuring synchronized secret management.
Instructions
Create a quantum entanglement between two secrets. When the source is rotated/updated, the target automatically receives the same value.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| sourceKey | Yes | Source secret key | |
| targetKey | Yes | Target secret key | |
| sourceScope | No | Scope: global or project | global |
| targetScope | No | Scope: global or project | global |
| sourceProjectPath | No | ||
| targetProjectPath | No |
Implementation Reference
- src/core/keyring.ts:412-431 (handler)The core implementation of the secret entanglement logic.
export function entangleSecrets( sourceKey: string, sourceOpts: KeyringOptions, targetKey: string, targetOpts: KeyringOptions, ): void { const sourceScopes = resolveScope({ ...sourceOpts, scope: sourceOpts.scope ?? "global" }); const targetScopes = resolveScope({ ...targetOpts, scope: targetOpts.scope ?? "global" }); const source = { service: sourceScopes[0].service, key: sourceKey }; const target = { service: targetScopes[0].service, key: targetKey }; entangleLink(source, target); logAudit({ action: "entangle", key: sourceKey, source: sourceOpts.source ?? "cli", detail: `entangled with ${targetKey}`, }); } - src/mcp/server.ts:562-589 (registration)The MCP tool registration and wrapper for the `entangle_secrets` tool.
server.tool( "entangle_secrets", "Create a quantum entanglement between two secrets. When the source is rotated/updated, the target automatically receives the same value.", { sourceKey: z.string().describe("Source secret key"), targetKey: z.string().describe("Target secret key"), sourceScope: scopeSchema.default("global"), targetScope: scopeSchema.default("global"), sourceProjectPath: z.string().optional(), targetProjectPath: z.string().optional(), }, async (params) => { entangleSecrets( params.sourceKey, { scope: params.sourceScope as Scope, projectPath: params.sourceProjectPath ?? process.cwd(), source: "mcp", }, params.targetKey, { scope: params.targetScope as Scope, projectPath: params.targetProjectPath ?? process.cwd(), source: "mcp", }, ); return text(`Entangled: ${params.sourceKey} <-> ${params.targetKey}`);