Secret Injection

Inject credentials at runtime, never passing them through the LLM.

category: Tool Security
arcade.dev/patterns

Context

Tools that require authentication to external services.

Problem

Credentials in prompts risk leakage and security breaches.

Solution

Inject secrets server-side:
- Context object: Credentials in tool context
- Never in params: Don't accept secrets as input
- Automatic injection: Framework handles it
- Secure storage: Credentials encrypted at rest

Examples

Python 
# BAD: Secret as parameter (exposed to LLM)
@tool
def call_api(api_key: str, endpoint: str) -> Result:
    return requests.get(endpoint, headers={"Authorization": api_key})

# GOOD: Secret injected via context (hidden from LLM)
@tool
def call_api(context: Context, endpoint: str) -> Result:
    api_key = context.get_secret("API_KEY")  # Injected, not passed
    return requests.get(endpoint, headers={"Authorization": api_key})

Considerations

  • Never accept credentials as tool parameters
  • Use secure context injection
  • Log access but never log credentials

Related Patterns

Permission Gate Identity Anchor Audit Trail

More in Tool Security

Permission Gate

Enforce access control in code, not prompts.

Scope Declaration

Declare required OAuth scopes per tool.

Audit Trail

Log all tool invocations for security and debugging.