This is a feature request for Claude Code on the web to enable secure injection of secrets (e.g., API keys, private registry credentials) into cloud development sessions. Currently, the platform explicitly warns against adding secrets, severely limiting workflows that require authentication for private packages, external APIs, or secure server communications. Solving this would unlock many advanced use cases for developers using Claude's coding environment.
A starter prompt for Claude Code, what you'll need, and how to reach them.
You are an expert full-stack developer. Build a proof-of-concept for secure secrets injection for a cloud-based coding environment, mirroring the functionality described in the anthropics/claude-code GitHub issue #32733. The goal is to demonstrate how a user could securely provide API keys or other credentials that are then safely injected into a running cloud session, without being exposed in plain text. Focus on the core mechanism for storing encrypted secrets and making them available to an isolated runtime. Use Next.js 16 App Router, React 19, Tailwind v4, and a secure backend service for secrets management (e.g., a simulated KMS using a local database or a secure vault abstraction). MVP: Implement a simple web UI where a user can enter a secret (e.g., 'STRIPE_API_KEY', 'sk_test_...') and a corresponding value. On submission, encrypt the secret value and store it. Then, simulate a 'cloud session' where these secrets are securely retrieved, decrypted, and exposed as environment variables (e.g., by logging them to a mock console output for verification, indicating they are available to the runtime, but not accessible via the UI once stored). Do NOT persist secrets in local storage. Use Neon Postgres for the database. Outline the encryption/decryption flow clearly. Assume a user is authenticated and secrets are tied to their ID. Build/Verify Gate: A user can add a secret, the secret is shown masked in the UI, and a simulated session environment can successfully 'read' the decrypted secret value, demonstrating secure injection without exposure.
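The encrypt, store, mask and inject flow that the prompt above asks for, shown as an added example (not code from the GitHub issue or from the Claude Code project). It uses Node's built-in AES-256-GCM; the function names, the row shape and the in-memory master key standing in for a KMS are assumptions.

```javascript
// Added example; all names here are hypothetical.
const crypto = require('node:crypto');
const { spawnSync } = require('node:child_process');

// Assumption: a real deployment fetches this key from a KMS or vault.
// Here it is a constructed random key that lives only in memory.
const MASTER_KEY = crypto.randomBytes(32);

// AAD binds each ciphertext to its owner and variable name, so a stored
// row cannot be re-labelled for another user or another variable.
const aad = (userId, name) => Buffer.from(`${userId}\u0000${name}`, 'utf8');

function sealSecret(userId, name, value, key = MASTER_KEY) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce per encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(aad(userId, name));
  const ct = Buffer.concat([cipher.update(value, 'utf8'), cipher.final()]);
  // This object is what would be written as one database row.
  return { userId, name, iv: iv.toString('base64'), ct: ct.toString('base64'),
           tag: cipher.getAuthTag().toString('base64') };
}

function openSecret(row, key = MASTER_KEY) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(row.iv, 'base64'));
  d.setAAD(aad(row.userId, row.name));
  d.setAuthTag(Buffer.from(row.tag, 'base64'));
  // final() throws if the ciphertext, tag, owner or name was altered.
  return Buffer.concat([d.update(Buffer.from(row.ct, 'base64')), d.final()]).toString('utf8');
}

// What the UI may show after storage: the name and a fixed-width mask,
// never the value or its length.
const maskForUi = (row) => ({ name: row.name, value: '********' });

// Simulated session: decrypt only inside the launcher and hand the values
// to the child process through its environment.
function runSession(rows, userId, script) {
  const env = {}; // starts empty: nothing from the parent process is inherited
  for (const row of rows.filter((r) => r.userId === userId)) env[row.name] = openSecret(row);
  const out = spawnSync(process.execPath, ['-e', script], { env, encoding: 'utf8' });
  return out.stdout.trim();
}

// Constructed sample data; the session prints the length, not the value.
const rows = [sealSecret('user-1', 'STRIPE_API_KEY', 'sk_test_constructed_example')];
console.log(maskForUi(rows[0]));
console.log(runSession(rows, 'user-1', 'console.log(process.env.STRIPE_API_KEY.length)'));
```
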
Reach out to developers using Claude Code, especially those frustrated by the lack of secure secrets, and offer agent-eval-lab or mcp-kit to enhance their AI coding workflows where secrets would be critical.
### Preflight Checklist

- [x] I have searched [existing requests](https://github.com/anthropics/claude-code/issues?q=is%3Aissue%20label%3Aenhancement) and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)

### Problem Statement

Claude Code on the web (claude.ai/code) has no way to securely provide secrets to async cloud sessions. The environment variables field in the environment settings dialog explicitly warns: "don't add secrets or credentials."

This blocks any workflow that requires authentication in a web session:

- Installing packages from private registries (npm, PyPI, etc.): the proxy strips user-provided auth headers (#11078) and the auto-injected GitHub credential lacks read:packages scope
- Cross-repo private dependencies via Cargo, pip, Go modules (#11056)
- Calling external APIs that require keys (Stripe, AWS, database URLs, etc.) during build/test/runtime
- Authenticating HTTP-based MCP servers that need Bearer tokens (#28942)
- Setup scripts that need to pull from private infrastructure

Devin, OpenAI Codex, and Cursor background agents all provide a dedicated encrypted secrets store for their cloud/async agent enviro
Standard Next.js / Vercel deployment
Standard development stack
Standard deployment platform
Standard for secure Node.js applications
Comment on the GitHub issue #32733 at anthropics/claude-code.
“I've built a working proof-of-concept for secure secrets injection in a cloud dev environment, directly addressing issue #32733. Here's a demo link and the core architectural approach I used – happy to discuss how it could be integrated or provide a PR.”