CLI
Install and operate the Shhhs CLI without leaking secrets into shell history.
Install
The installer places the Shhhs CLI and MCP adapter on the local machine. Authenticated CLI access requires a scoped Team API key.
curl -fsSL https://shhhs.net/install.sh | bashAuthenticate
Create a Team API key in the web app after passkey authentication. The CLI validates the key before writing local config. Account-token login is disabled so the CLI cannot bypass passkey verification.
shhhs login --api-key <team-api-key>Safe text entry
For sensitive text, let the CLI prompt for input instead of passing the secret as an argument.
shhhs push text
# The CLI opens a hidden prompt for the secret value.Automation
For scripts and CI, use environment references, files, or secret-manager injection. Avoid command arguments that can appear in process lists, history, or logs.
- Prefer stdin or hidden prompt
- Avoid shell history
- Keep output redacted