Secrets
Secrets are encrypted credentials (API keys, tokens, and passwords) that you can inject into sandboxes as environment variables without exposing them in API responses.
What secrets are
Section titled “What secrets are”- Private to you: secrets are owned by your user and never shared by default.
- Encrypted at rest: plaintext values are never returned by any API.
- Injected at runtime: secrets are decrypted only when a sandbox is provisioned.
Scoping and selection
Section titled “Scoping and selection”Secrets are user-owned. You maintain a personal library of secrets and choose which of your secrets to inject when provisioning a sandbox for a project.
When you provision an interactive runtime, you pass the list of secret IDs to inject (secret_ids). That selection applies to that runtime request; the project is only the grouping bucket for the resulting resource.
When you create an evaluation, you can also pass secret_ids. The platform injects those same user-owned secrets into both compute units created for each evaluation item:
- the runtime sandbox that hosts the agent loop
- the task environment sandbox derived from the task build
Injection into sandboxes
Section titled “Injection into sandboxes”Secrets are injected as environment variables at sandbox creation time. If you want different secrets on an existing runtime, provision or restart that runtime with a different secret_ids selection. If you want different secrets for an evaluation run, create a new evaluation with a different secret_ids selection. Secrets are only injected when you pass their IDs — they are not automatically injected into every sandbox.
Provider presets
Section titled “Provider presets”Provider presets let you create secrets with canonical environment variable names. Supported presets:
| Provider | Env var name |
|---|---|
openai | OPENAI_API_KEY |
anthropic | ANTHROPIC_API_KEY |
github | GITHUB_TOKEN |
When you create a secret from a preset, the env var name is automatically set to the preset value. You still choose whether to auto-inject the secret by passing its ID in secret_ids.
Lifecycle and management
Section titled “Lifecycle and management”Common actions
Section titled “Common actions”- Create and update secrets from the UI or CLI (
dreadnode secrets set). - List available secrets and presets (
dreadnode secrets list). - Delete secrets you no longer use (
dreadnode secrets delete).
Lifecycle expectations
Section titled “Lifecycle expectations”| Step | What happens |
|---|---|
| Create | Secret is stored encrypted and shown with a masked preview |
| Select | You choose which secrets to inject for a runtime request |
| Provision | Secrets are decrypted and injected into the sandbox |
| Rotate | Update the value and reprovision or restart the runtime to apply |
Secrets API routes
Section titled “Secrets API routes”GET /api/v1/user/secretsPOST /api/v1/user/secretsGET /api/v1/user/secrets/{secret_id}PUT /api/v1/user/secrets/{secret_id}DELETE /api/v1/user/secrets/{secret_id}GET /api/v1/user/secrets/presetsPOST /api/v1/user/secrets/preset