Resources
Framework guides, comparisons, and best practices for secrets management.
Framework Guides
Next.js + Vercel
Manage NEXT_PUBLIC_ vars, Server Components, and Vercel deploys. Full walkthrough from local dev to production.
Remix + Netlify
Secure loader and action secrets, .server.ts patterns, and Netlify Build Plugin deploys.
SvelteKit + Railway
Handle all four $env modules, adapter-node runtime secrets, and Railway build commands.
Laravel + Forge
Replace Forge's .env editor. Automate config:cache, queue workers, and deploy scripts.
Import Secrets from Any Provider
Step-by-step guide to finding your API tokens and project IDs in Supabase, Vercel, Railway, Render, Heroku, and Netlify — then importing everything into secr.
Articles
Every AI Coding Agent Is a Secret-Spilling Machine
Cursor, Claude Code, Copilot, and Windsurf read your entire codebase — including .env files. Here's how to stop the leak.
Using secr with AI Coding Agents
Configure Claude Code, Cursor, Copilot, and Windsurf to use secr. Includes CLAUDE.md rules, .cursorrules, and workflow recipes.
Why Your .env Files Are a Ticking Time Bomb
LLMs generate code fast but leak secrets faster. Learn why .env files are the #1 security risk in AI-assisted development and how to fix it.
secr vs Doppler vs Infisical vs Vault
Compare secr with Doppler, Infisical, and HashiCorp Vault. See how features, pricing, and developer experience stack up.
Ready to get started?
Stop sharing secrets over Slack. Get set up in under two minutes.
Create your account