apra-fleet / Tickets / #128 feat: OOB secure input improvements + credential

#128 feat: OOB secure input improvements + credential_store toolset

Status: closed

Owner: nobody

Labels: None

Updated: 2026-04-20

Created: 2026-04-14

Creator: Anonymous

Private: No

Originally created by: kumaakh

Summary

Phase 1: Replace manual raw-mode password input in auth.ts with secureInput() utility
Phase 2: New credential_store MCP toolset (set/list/delete)
Phase 3: {{secure.NAME}} token resolution in execute_command, register_member, update_member, provision_vcs_auth, provision_auth
Security hardening: random persistent encryption key, migration path

New tools

Tool	Description
credential_store_set	Collect secret OOB, store encrypted (session or persistent)
credential_store_list	List stored credentials by name/scope — no values returned
credential_store_delete	Delete a named credential

{{secure.NAME}} token resolution

Tool	Field(s)
execute_command	command, restart_command
register_member	password
update_member	password
provision_vcs_auth	token (GitHub), api_token (Bitbucket), pat (Azure DevOps)
provision_auth	api_key

Tokens resolved server-side — LLM never sees plaintext. Output redacted ([REDACTED:NAME]) including monitor_task output. Network egress policy (allow/confirm/deny) with OOB TTY confirmation.

Review

Reviewed by fleet-rev — APPROVED. All 9 findings addressed (2 HIGH, 4 MED, 3 LOW).

🤖 Generated with Claude Code

Anonymous - 2026-04-20

Ticket changed by: kumaakh

status: open --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

feat: OOB secure input improvements + credential_store toolset

Apra Fleet is an open-source MCP server

Milestone

Searches

Help