From 07cf1fb8a5eea3a38eb91a04bb0e54b389cf25a9 Mon Sep 17 00:00:00 2001 From: NanoClaw Date: Tue, 24 Mar 2026 13:47:52 +0000 Subject: [PATCH 1/3] docs: add OneCLI secrets management section to CLAUDE.md Gives Claude context on how credentials/API keys/OAuth tokens are managed via the OneCLI gateway, so it doesn't suggest storing secrets in .env or passing them to containers. Co-Authored-By: Claude Opus 4.6 (1M context) --- CLAUDE.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CLAUDE.md b/CLAUDE.md index 6351ff4..9b3ae27 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -21,6 +21,10 @@ Single Node.js process with skill-based channel system. Channels (WhatsApp, Tele | `groups/{name}/CLAUDE.md` | Per-group memory (isolated) | | `container/skills/` | Skills loaded inside agent containers (browser, status, formatting) | +## Secrets / Credentials / Proxy (OneCLI) + +API keys, secret keys, OAuth tokens, and auth credentials are managed by the OneCLI gateway — which replaces the old credential proxy and handles secret injection into containers at request time, so no keys or tokens are ever passed to containers directly. Run `onecli --help` to manage secrets, agents, and gateway config. + ## Skills Four types of skills exist in NanoClaw. See [CONTRIBUTING.md](CONTRIBUTING.md) for the full taxonomy and guidelines. From 7366b0d7dbd1a48e74c26f2778e053db3a1490f7 Mon Sep 17 00:00:00 2001 From: NanoClaw Date: Tue, 24 Mar 2026 15:44:30 +0000 Subject: [PATCH 2/3] docs: trim OneCLI section wording Co-Authored-By: Claude Opus 4.6 (1M context) --- CLAUDE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CLAUDE.md b/CLAUDE.md index 9b3ae27..2084578 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -23,7 +23,7 @@ Single Node.js process with skill-based channel system. Channels (WhatsApp, Tele ## Secrets / Credentials / Proxy (OneCLI) -API keys, secret keys, OAuth tokens, and auth credentials are managed by the OneCLI gateway — which replaces the old credential proxy and handles secret injection into containers at request time, so no keys or tokens are ever passed to containers directly. Run `onecli --help` to manage secrets, agents, and gateway config. +API keys, secret keys, OAuth tokens, and auth credentials are managed by the OneCLI gateway — which handles secret injection into containers at request time, so no keys or tokens are ever passed to containers directly. Run `onecli --help`. ## Skills From 58faf624a3e25c8e265269d20b5154a677c94548 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 24 Mar 2026 15:45:53 +0000 Subject: [PATCH 3/3] =?UTF-8?q?docs:=20update=20token=20count=20to=2039.8k?= =?UTF-8?q?=20tokens=20=C2=B7=2020%=20of=20context=20window?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- repo-tokens/badge.svg | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/repo-tokens/badge.svg b/repo-tokens/badge.svg index b268ecc..ac18e24 100644 --- a/repo-tokens/badge.svg +++ b/repo-tokens/badge.svg @@ -1,5 +1,5 @@ - - 40.7k tokens, 20% of context window + + 39.8k tokens, 20% of context window @@ -15,8 +15,8 @@ tokens - - 40.7k + + 39.8k