CLI safe guide
Operate command-line workflows without leaking sensitive input.
Avoid argument leakage
Shell arguments can be captured by history, process listings, CI logs, crash reports, or terminal transcripts. Use hidden prompts, stdin, files, or secret-manager references.
- Do not run commands that include live secret text
- Prefer shhhs push text with hidden prompt
- Keep CI logs redacted
Output policy
CLI commands should avoid printing plaintext secrets. When a link is generated, store it only in the intended delivery channel.
- No plaintext stdout
- No recovery codes in logs
- No API keys in transcripts