amr/passepartout
1
0
Fork 0
Code Issues 15 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
abfb7e5cf86c9528c2683053554802474f733fc5
passepartout/org/security-vault.org
Amr Gharbeia 908936d4d3 rename gateway-* → system-model-* + gateway-messaging, de-ollama, add system-model-explorer 
- Rename gateway-provider → system-model-provider (generic :local provider, no hardcoded ollama)
- Rename gateway-llm → system-model (model-request dispatcher)
- Rename system-embedding-gateway → system-model-embedding
- Rename gateway-manager → gateway-messaging (public api renamed to messaging-*)
- Add system-model-explorer (model discovery via OpenRouter API, cached, per-slot recommendations)
- Fix skill loader export: replace prefix-matching with fbound/boundp-based export (20 skills now export)
- Add model-router to skill-loader exclusion list (loaded via CLI)
- De-ollama: remove hardcoded assumed-available patterns from provider pipeline
- Default cascade: cloud-only (openrouter, openai, groq, gemini, deepseek, nvidia, anthropic)
- Env example: add LOCAL_BASE_URL, fix cascade order
- All org files updated with architectural prose (literate programming)
2026-05-04 09:58:59 -04:00

2.2 KiB
Raw Blame History

SKILL: Credentials Vault (org-skill-credentials-vault.org)

Overview

The Credentials Vault provides secure in-memory storage for sensitive API keys and session tokens.

Implementation

Vault Storage

;; REPL-VERIFIED: 2026-05-03T13:00:00

(defvar *vault-memory* (make-hash-table :test 'equal)
  "In-memory cache of sensitive credentials.")

Secret Management

;; REPL-VERIFIED: 2026-05-03T13:00:00

(defun vault-get (provider &key (type :api-key))
  "Retrieves a credential from the vault or environment."
  (let* ((key (format nil "~a-~a" provider type))
         (val (gethash key *vault-memory*)))
    (if val
        val
        (let ((env-var (case provider
                          (:gemini "GEMINI_API_KEY")
                          (:openai "OPENAI_API_KEY")
                          (:anthropic "ANTHROPIC_API_KEY")
                          (:openrouter "OPENROUTER_API_KEY")
                          (otherwise nil))))
          (when env-var (uiop:getenv env-var))))))

vault-set

;; REPL-VERIFIED: 2026-05-03T13:00:00

(defun vault-set (provider secret &key (type :api-key))
  "Stores a secret in the vault."
  (let ((key (format nil "~a-~a" provider type)))
    (setf (gethash key *vault-memory*) secret)))

#+end_src

Secret Wrappers (gateway-messaging)

Thin wrappers that match the export names used by gateway-messaging. Delegates to the existing vault-get=/=vault-set with :type :secret.

;; REPL-VERIFIED: 2026-05-03T13:00:00

(defun vault-get-secret (provider)
  "Retrieves a stored secret or token for a gateway provider."
  (vault-get provider :type :secret))

vault-set-secret

;; REPL-VERIFIED: 2026-05-03T13:00:00

(defun vault-set-secret (provider secret)
  "Stores a secret or token for a gateway provider."
  (vault-set provider secret :type :secret))

#+end_src

Skill Registration 

(defskill :passepartout-security-vault
  :priority 600
  :trigger (lambda (ctx) (declare (ignore ctx)) nil))
Reference in New Issue View Git Blame Copy Permalink