npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

pi-pass-secrets

v1.0.2

Published

Pi extension that reads API keys from GNU Password Store (pass) on startup and redacts them from all tool output

Readme

pi-pass-secrets

Pi Coding Agent extension that reads API keys from GNU Password Store (pass) on startup and injects them into the session environment.

Secrets are never exposed to the LLM. All tool output (bash, read, grep, etc.) is scanned and any leaked secret values are replaced with [REDACTED].

Why pass?

  • Encryption at rest — all secrets are GPG-encrypted on disk
  • Git-friendly~/.password-store is a git repo you can sync
  • No daemon — stateless, no background process
  • Proven — the standard Unix password manager since 2012

How it works

  1. On session_start, the extension reads configured pass paths and injects them into process.env
  2. All subsequent tool calls (including bash) inherit the secrets
  3. A global tool_result hook scans every tool output for known secret values and replaces matches with [REDACTED]
  4. On session_shutdown, secrets are cleared from process.env

Install

pi install git:github.com/okiess/pi-pass-secrets

Or locally during development:

pi install ~/workspace/versioned/pi-pass-secrets

Setup

1. Store your API keys in pass

pass insert apikeys/openai
pass insert apikeys/anthropic
pass insert apikeys/opencode

2. Configure mappings

Add to ~/.pi/agent/settings.json:

{
  "pass-secrets": {
    "mappings": {
      "apikeys/openai": "OPENAI_API_KEY",
      "apikeys/anthropic": "ANTHROPIC_API_KEY",
      "apikeys/opencode": "OPENCODE_API_KEY"
    }
  }
}

3. Reference in provider config

Your providers/models should already use $ENV_VAR references:

{
  "apiKey": "$OPENCODE_API_KEY"
}

No changes needed — the extension injects the env var before providers resolve it.

Commands

| Command | Description | |---------|-------------| | /pass-secrets status | Show loaded keys (values masked: sk-a...4670) | | /pass-secrets reload | Re-read all secrets from pass | | /pass-secrets help | Show help |

Security model

What the agent can see:

  • Which env vars are loaded (e.g. $OPENCODE_API_KEY loaded)
  • A masked preview (sk-a...4670)

What the agent cannot see:

  • Plaintext secret values
  • Secrets in any tool output (redacted globally)

Known limitations:

  • Secrets shorter than 5 characters are not redacted (too many false positives)
  • If a child process prints a secret, the recursive output redaction catches it — but the child process itself has access to the env var (by design)
  • Encoding transforms (base64, hex, reverse) bypass exact-match redaction

License

MIT