Security: keep secrets out of model context

If a secret is printed to stdout/stderr (or pasted into chat), it can end up in:

• model transcripts
• logs
• screen recordings / scrollback

dotkc patterns

• Inspect is redacted by default (use it for sanity checks)
• Run injects env into a child process without printing values
• Spec allowlists keep secret names out of prompts

What to avoid

• Running dotkc get in agent workflows
• Using --unsafe-values unless absolutely necessary

Enforce no-leak mode

On OpenClaw/agent hosts, use DOTKC_NO_LEAK=1 to make dotkc refuse operations that would print secret values. If you use the dotkc OpenClaw plugin, it enforces DOTKC_NO_LEAK=1 for dotkc subprocesses by default. (blocks dotkc get and --unsafe-values).

Back to dotkc manual