list-secrets
View secret names, tags, and expiration status in SecureCode's vault without exposing values. Filter by tags to manage API keys, tokens, and passwords securely.
Instructions
List all available secrets with their tags and expiration status. Returns names and metadata, never values.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| tags | No | Filter by tags, e.g. { "env": "production", "project": "acme" } |
Implementation Reference
- src/index.ts:431-464 (handler)Implementation of the list-secrets tool, which lists secrets using getClient().listSecrets() and formats the output.
// Tool: list-secrets server.tool( 'list-secrets', 'List all available secrets with their tags and expiration status. Returns names and metadata, never values.', { tags: z.record(z.string(), z.string()).optional().describe('Filter by tags, e.g. { "env": "production", "project": "acme" }'), }, async ({ tags }) => { try { const secrets = await getClient().listSecrets({ tags }); if (secrets.length === 0) { return wrapResponse([{ type: 'text', text: 'No secrets found.' }]); } const now = Date.now(); const lines = secrets.map(s => { const parts = [s.name]; const tagStr = Object.entries(s.tags).map(([k, v]) => `${k}:${v}`).join(', '); if (tagStr) parts.push(`[${tagStr}]`); if (s.status === 'expired') { parts.push('⚠ EXPIRED'); } else if (s.expiresAt) { const daysLeft = Math.ceil((new Date(s.expiresAt).getTime() - now) / (1000 * 60 * 60 * 24)); if (daysLeft <= 3) parts.push(`⚠ expires in ${daysLeft}d`); else parts.push(`expires in ${daysLeft}d`); } if (s.description) parts.push(`— ${s.description}`); return parts.join(' '); }); return wrapResponse([{ type: 'text', text: `${secrets.length} secrets:\n${lines.join('\n')}` }]); } catch (error) { return errorResult(error); } } );