By cooneycw
Manage secret keys throughout their lifecycle with automatic output masking and a local web UI—set, get, rotate, delete, list, validate, and run commands with secrets injected as environment variables without exposing values in logs or terminal output.
Remove a secret key from the project's store. Logs the deletion
Get credentials securely with masking
Overview of all secrets management commands.
List all secret keys for the current project (values masked).
Update an existing secret with a new value. Logs the rotation action
Executes bash commands
Hook triggers when Bash tool is used
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
v7.3.0 - A productivity toolkit for Claude Code that adds workflow automation, MCP servers, security scanning, secrets management, and CI/CD integration.
/flow:auto, /flow:start, /flow:eli5, /flow:finish) - Issue-driven development with worktrees, a pre-implementation ELI5 plan/necessity approval gate, quality gates, automated PR lifecycle, and CI verification. The necessity gate also ships standalone as eli5-gate - installable without CPP via /plugin marketplace add cooneycw/eli5-gate or npx skills add cooneycw/eli5-gate; CPP vendors its canonical core (file gate improvements there)cooneycw/mcp-second-opinion repo and wired in through the root .mcp.json (streamable-http)@playwright/mcp server (npx/stdio, no container), registered by /cpp:initpptx skill (npx skills add anthropics/skills@pptx)/security:scan) - Native vulnerability detection with git history analysis/secrets:*) - Tiered credential storage (dotenv, env-file, AWS Secrets Manager) with audit logging and a web UI/cicd:*) - Framework detection, Makefile generation, health checks, and IaC scaffolding/project:init) - Zero-to-GitHub-repo setup with Makefile, CI pipeline, and Docker confignpx skills and the /plugin marketplace (the CPP /skills:* wrapper was retired in issue #437)secrets plugin (#479), so plugin installs get masking with no host script setup; destructive commands are handled by Claude Code's native git auto-blocking + OS sandboxmake secret-scan)gh) for issue/PR workflowsCPP ships as a plugin marketplace (ADR 0001, epic #417 Phase B). The command/skill/hook surface installs through Claude Code's /plugin, so there is nothing to clone and no symlink installer to run:
# In Claude Code, add the marketplace once:
/plugin marketplace add cooneycw/claude-power-pack
# Then install only the families you want (each is an independent plugin):
/plugin install flow@cpp
/plugin install cicd@cpp
/plugin install secrets@cpp
# ... browser, claude-md, codex, documentation, evaluate, github, project,
# qa, second-opinion, security, self-improvement (15 in all), plus the
# help-only cpp plugin.
/plugin handles versioning and updates for the installed surfaces. The secrets plugin bundles the PostToolUse secret-masking hook and the second-opinion plugin bundles its .mcp.json client pointer, so a plugin-only install gets masking and MCP wiring with no host setup.
/plugin cannot cover)A plugin install delivers commands, skills, hooks, and the MCP client pointer - but not the out-of-band infrastructure some families reach. Run /cpp:init in a target project for those steps (it is now the non-plugin infra installer, not the primary way to get commands):
npx claudepluginhub cooneycw/claude-power-pack --plugin secretsCLAUDE.md management for Claude Code projects: /claude-md:lint checks for missing CI/CD, Docker, and troubleshooting directives.
Documentation and diagrams for Claude Code projects: /documentation:c4 renders C4 architecture diagrams (L1-L4) as GitHub-renderable Mermaid, /documentation:pptx builds PowerPoint decks with optional diagrams.
GitHub issue management from Claude Code: create, list, view, update, and close issues (/github:issue-create, issue-list, issue-view, issue-update, issue-close).
Codex CLI orchestration from Claude Code: /codex:ask read-only delegation, /codex:exec one-shot runs with JSONL monitoring, /codex:auto full issue lifecycle delegation, /codex:status readiness checks.
Project scaffolding: /project:init zero-to-GitHub-repo orchestration (repo creation, CLAUDE.md via the native /init, CI/CD wiring).
Integrate with secrets managers (Vault, AWS Secrets Manager, etc)
Secret safety hooks: auto-load credentials via CLAUDE_ENV_FILE, redact secrets from CLI output. Powered by the nopeek CLI.
Encrypted secrets manager for Claude Code sessions backed by a private Git repo
Guide for the Infisical REST API — authentication, secrets CRUD (v4), projects, identities, pagination, and rate limits.
DevsForge Enterprise Environment Configuration Manager delivering comprehensive secrets management, configuration validation excellence, and multi-environment orchestration that transforms environment configuration from scattered files into centralized, secure, and intelligent configuration systems with enterprise-grade security
Claude Power Pack cross-cutting help/meta: /cpp:help maps every CPP command family and the native features CPP defers to. The legacy /cpp:init|update|status symlink installer stays repo-local (it retires in Phase B4) and is not part of this plugin.