seksh

A nushell fork with secure credential handling

What is seksh?

seksh is a fork of nushell that integrates with the SEKS Broker for secure secret management. It adds commands that let you use API keys, tokens, and credentials without ever exposing them to your shell session.

Core principle: Agents and shells should be able to use secrets without seeing them.

Key Features

🔐 Zero-Knowledge Secret Injection

Secrets go directly from the broker to external commands. Your shell session never sees the actual values, only secret names.

# List available secrets (names only)
> listseks
╭───┬──────────────────────────╮
│ 0 │ GITHUB_TOKEN             │
│ 1 │ OPENAI_API_KEY           │
│ 2 │ AWS_SECRET_ACCESS_KEY    │
╰───┴──────────────────────────╯

🌐 seksh-http

Make HTTP requests with secrets injected internally. The shell sees the request structure, but never the actual token values.

# Secret is injected by the broker, not visible in shell
> seksh-http GET "https://api.github.com/user" --auth GITHUB_TOKEN
{"login": "yourname", "id": 12345}

📦 seksh-git

Run git commands with credentials injected securely. Clone private repos and push commits, all without exposing tokens.

# Credentials injected at execution time
> seksh-git clone "https://github.com/org/private-repo"
Cloning into 'private-repo'...

🧹 Output Scrubbing

Defense-in-depth: if a secret accidentally appears in command output, it gets redacted before reaching your terminal. Catches raw, base64, and hex-encoded secrets.

# If a command accidentally leaks a secret:
> some-command
Token: [REDACTED]   # Was: ghp_xxxx...
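
The scrubbing idea above, sketched as an added example (this is not seksh's code): it redacts a known secret in raw, hex and base64 form, and goes one step further by also catching base64 of a longer string that contains the secret, such as an HTTP Basic header. The function names, the MIN_LEN floor and the sample token are assumptions made for the illustration.

```rust
// Added illustration of output scrubbing; not taken from the seksh source.
const B64: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
const MIN_LEN: usize = 8; // assumed floor: shorter needles would redact ordinary text

/// Unpadded standard base64.
fn b64(data: &[u8]) -> String {
    let mut out = String::new();
    for c in data.chunks(3) {
        let n = c.iter().fold(0u32, |a, &b| (a << 8) | b as u32) << (8 * (3 - c.len()));
        for i in 0..=c.len() {
            out.push(B64[((n >> (18 - 6 * i)) & 63) as usize] as char);
        }
    }
    out
}

fn hex(d: &[u8]) -> String { d.iter().map(|b| format!("{:02x}", b)).collect() }

/// Every form of `secret` the scrubber searches for.
fn needles(secret: &str) -> Vec<String> {
    let bytes = secret.as_bytes();
    let mut v = vec![secret.to_string(), hex(bytes), hex(bytes).to_uppercase(), b64(bytes)];
    // Base64 of a longer string that contains the secret: the secret may start at
    // byte 0, 1 or 2 of a 3-byte group. Keep only the characters built purely from
    // secret bits; they are identical whatever precedes or follows the secret.
    for k in 0..3 {
        let mut shifted = vec![0u8; k];
        shifted.extend_from_slice(bytes);
        let enc = b64(&shifted);
        let end = enc.len() - usize::from(shifted.len() % 3 != 0);
        let start = [0usize, 2, 3][k].min(end);
        v.push(enc[start..end].to_string());
    }
    v.retain(|n| n.len() >= MIN_LEN);
    v
}

/// Replace every needle of every secret, longest first, with a marker.
fn scrub(output: &str, secrets: &[&str]) -> String {
    let mut all: Vec<String> = secrets.iter().flat_map(|s| needles(s)).collect();
    all.sort_by_key(|n| std::cmp::Reverse(n.len()));
    all.iter().fold(output.to_string(), |o, n| o.replace(n.as_str(), "[REDACTED]"))
}

fn main() {
    let secret = "ghp_EXAMPLEexample0123456789"; // constructed, not a real token
    let basic = b64(format!("user:{}", secret).as_bytes()); // secret at byte offset 5
    println!("{}", scrub(&format!("Authorization: Basic {}", basic), &[secret]));
}
```

In the embedded case the base64 character on each edge of the redaction can still carry a few bits of the secret, and other transforms (URL-encoding, compression, splitting across lines) pass straight through, which is why scrubbing is the backstop rather than the primary control.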

How It Works

┌─────────────────────────────────────────────┐
│              Your Shell (seksh)             │
│   You see: "seksh-http --auth GITHUB_TOKEN" │
└─────────────────────────────────────────────┘
                      │
                      ▼
┌─────────────────────────────────────────────┐
│              SEKS Broker                    │
│   1. Receives request with secret NAME      │
│   2. Fetches actual secret value            │
│   3. Injects into HTTP headers              │
│   4. Makes request                          │
│   5. Scrubs response                        │
│   6. Returns safe output                    │
└─────────────────────────────────────────────┘
                      │
                      ▼
┌─────────────────────────────────────────────┐
│            External API                     │
│   Receives: Authorization: Bearer ghp_...   │
└─────────────────────────────────────────────┘

Installation

# Clone and build from source
git clone https://github.com/SEKSBot/seksh
cd seksh
git checkout seks-shell
cargo build --release

# Configure broker connection
export SEKS_BROKER_URL="https://your-broker.example.com"
export SEKS_AGENT_TOKEN="seks_agent_..."

# Run seksh
./target/release/nu

Why Not Just Use Environment Variables?

Environment variables are visible to:

  • Any process you spawn
  • Shell history
  • Process listings (ps eww)
  • Crash dumps and logs
  • AI agents with shell access

With seksh, secrets stay in the broker. Your shell only knows secret names, never values.

Questions or feedback? Let us know!