api-credentials
Scannednpx machina-cli add skill oaustegard/claude-skills/api-credentials --openclawAPI Credentials Management
šØ DEPRECATED: This skill is no longer needed for hosted skills environments.
New approach: Skills now read credentials directly from project knowledge files:
ANTHROPIC_API_KEY.txt,GOOGLE_API_KEY.txt,GITHUB_API_KEY.txt(recommended)- Or
API_CREDENTIALS.json(combined file)
See updated skill documentation:
Legacy use only: This skill may still be useful for local development environments or backward compatibility.
ā ļø WARNING: This is a PERSONAL skill - DO NOT share or commit with actual credentials!
This skill provides secure storage and retrieval of API credentials for multiple providers. It serves as a dependency for other skills that need to invoke external APIs programmatically.
Supported Providers
- Anthropic (Claude API)
- Google (Gemini API, Vertex AI, etc.)
- GitHub (GitHub API, Personal Access Tokens)
- Extensible for additional providers
Purpose
- Centralized credential storage for multiple API providers
- Secure retrieval methods for dependent skills
- Clear error messages when credentials are missing
- Support for multiple credential sources (config file, environment variables)
Usage by Other Skills
Skills that need to invoke APIs should reference this skill:
Anthropic Claude API
import sys
sys.path.append('/home/user/claude-skills/api-credentials/scripts')
from credentials import get_anthropic_api_key
try:
api_key = get_anthropic_api_key()
# Use api_key for Claude API calls
except ValueError as e:
print(f"Error: {e}")
Google Gemini API
import sys
sys.path.append('/home/user/claude-skills/api-credentials/scripts')
from credentials import get_google_api_key
try:
api_key = get_google_api_key()
# Use api_key for Gemini API calls
except ValueError as e:
print(f"Error: {e}")
GitHub API
import sys
sys.path.append('/home/user/claude-skills/api-credentials/scripts')
from credentials import get_github_api_key
try:
api_key = get_github_api_key()
# Use api_key for GitHub API calls
except ValueError as e:
print(f"Error: {e}")
Setup Instructions
Option 1: Configuration File (Recommended)
- Copy the example config:
cp /home/user/claude-skills/api-credentials/assets/config.json.example \
/home/user/claude-skills/api-credentials/config.json
- Edit
config.jsonand add your API keys:
{
"anthropic_api_key": "sk-ant-api03-...",
"google_api_key": "AIzaSy...",
"github_api_key": "ghp_..."
}
- Ensure the config file is in
.gitignore(already configured)
Option 2: Environment Variables
Set environment variables for the providers you need:
# Anthropic Claude
export ANTHROPIC_API_KEY="sk-ant-api03-..."
# Google Gemini
export GOOGLE_API_KEY="AIzaSy..."
# GitHub
export GITHUB_TOKEN="ghp_..."
# or
export GITHUB_API_KEY="ghp_..."
Add to your shell profile (~/.bashrc, ~/.zshrc) to persist.
Priority
Credential retrieval follows this priority for each provider:
config.jsonin the skill directory (highest priority)- Environment variable (ANTHROPIC_API_KEY or GOOGLE_API_KEY)
- ValueError raised if neither is available
Security Notes
- Never commit config.json with real credentials
- The config.json file should be in .gitignore
- Only config.json.example should be version controlled
- Consider using environment variables in shared/production environments
- Rotate API keys regularly
- Skills should never log or display full API keys
File Structure
api-credentials/
āāā SKILL.md # This file
āāā config.json # YOUR credentials (gitignored)
āāā scripts/
ā āāā credentials.py # Credential retrieval module
āāā assets/
āāā config.json.example # Template for users
Error Handling
When credentials are not found, the module raises ValueError with clear guidance:
- Where to place config.json
- How to set environment variables
- Links to provider consoles for key generation
Skills should catch ValueError exceptions and handle appropriately.
Available Functions
get_anthropic_api_key() ā str
- Returns Anthropic API key
- Raises ValueError if not configured
get_google_api_key() ā str
- Returns Google API key
- Raises ValueError if not configured
get_github_api_key() ā str
- Returns GitHub API token (Personal Access Token)
- Raises ValueError if not configured
get_api_key_masked(api_key) ā str
- Returns masked version for safe logging
- Example: "sk-ant-...xyz"
verify_credential(provider) ā bool
- Checks if provider is configured
- Returns True/False without raising exceptions
- Providers: 'anthropic', 'google', 'github'
Adding New Providers
To support additional providers:
- Add field to
assets/config.json.example - Add getter function to
scripts/credentials.py:def get_provider_api_key() -> str: # Follow existing pattern with config file + env var pass - Add to
verify_credential()mapping - Update this documentation
Token Efficiency
This skill uses ~300 tokens when loaded but saves repeated credential management code across multiple skills that invoke external APIs. It provides a single, consistent pattern for all credential handling.
Source
git clone https://github.com/oaustegard/claude-skills/blob/main/api-credentials/SKILL.mdView on GitHub Overview
API Credentials Management securely stores and retrieves API keys for Anthropic Claude, Google Gemini, and GitHub. In hosted skill environments this skill is deprecated; the recommended approach is to read credentials directly from project knowledge files (ANTHROPIC_API_KEY.txt, GOOGLE_API_KEY.txt, GITHUB_API_KEY.txt) or a combined API_CREDENTIALS.json, while older setups may still rely on this skill for compatibility.
How This Skill Works
The skill centralizes credential storage and retrieval to be used by other skills invoking external APIs. It supports multiple sources (config.json, environment variables, or knowledge-file based keys) and provides clear error messages when credentials are missing. Retrieval follows a priority: config.json first, then environment variables, with ValueError raised if none are available.
When to Use It
- A skill needs to invoke external APIs (Anthropic Claude, Google Gemini, or GitHub) and must securely access stored keys
- Local development or backward-compatible setups where centralized credential storage is still desired
- Planning migration to knowledge-file based credentials (ANTHROPIC_API_KEY.txt, GOOGLE_API_KEY.txt, GITHUB_API_KEY.txt or API_CREDENTIALS.json)
- Centralizing credentials across multiple providers to simplify management for dependent skills
- When you want explicit, user-friendly errors if credentials are missing
Quick Start
- Step 1: Import the credentials module from the skill's scripts path (e.g., sys.path.append('/home/user/claude-skills/api-credentials/scripts'))
- Step 2: Call the appropriate getter (get_anthropic_api_key, get_google_api_key, or get_github_api_key) and handle ValueError if missing
- Step 3: Use the returned api_key for the corresponding API call in your skill
Best Practices
- Never commit real credentials; keep config.json out of version control and add it to .gitignore
- Use config.json.example for repository-included guidance and copy to config.json locally
- Prefer environment variables for production deployments when possible
- Rotate API keys regularly and minimize exposure in logs or UI
- Validate credential availability early and provide clear error messages rather than failing silently
Example Use Cases
- A skill imports credentials from credentials.py and retrieves an Anthropic API key via get_anthropic_api_key to call Claude API
- A skill uses get_google_api_key to obtain a Google Gemini API key for Gemini or Vertex AI calls
- A skill obtains a GitHub API key with get_github_api_key for GitHub API requests
- Local development uses config.json with example keys and .gitignore to prevent accidental commits
- Migration to knowledge-file credentials using ANTHROPIC_API_KEY.txt, GOOGLE_API_KEY.txt, GITHUB_API_KEY.txt or API_CREDENTIALS.json
