Sandboxes
Repository Secrets
Manage environment variables and secrets for your repository. These are securely injected into the agent’s sandbox environment during code execution.
Only use staging credentials and non-production secrets. Never store production API keys, database passwords, or sensitive credentials.
How Secrets Work
Repository secrets are environment variables that get automatically injected into the sandbox when agents execute code:
- Secure Storage: Secrets are encrypted and stored securely per repository
- Sandbox Injection: Automatically available as environment variables during agent execution
- Development Support: Enable agents to run dev servers, connect to staging databases, and test integrations
Common Use Cases
- Development Server Credentials: API keys for staging services and development APIs
- Database Connections: Connection strings for staging/test databases
- Third-Party Integrations: Non-production tokens for services like Stripe test mode, staging analytics
- Build Configuration: Environment-specific build variables and feature flags
Managing Secrets
Add secrets through your repository settings:
- Navigate to your repository settings
- Go to the Secrets tab
- Add key-value pairs for your environment variables
- Secrets are immediately available to agents in the sandbox
Agents can access these secrets when running code, starting development servers, or executing tests that require environment configuration.