No Dashboards. No Ceremony.

Secrets management that feels unfairly fast.

`envkey` gives you encrypted profile-based secrets and instant injection into any command. No shell pollution, no sprawling config ritual, no “platform migration” meeting.

~20 min

Idea to working CLI

AES-256-GCM

Encrypted at rest

Argon2id

Password-based key derivation

Fast Path

Add a key, run a command, move on. Local dev secrets without detouring into enterprise complexity.

Real Security

Vault data is encrypted. Decryption happens only when needed, and process injection keeps parent env clean.

Shell-Friendly

`ek env --profile dev` prints correctly escaped export lines so `eval` works even with tricky values.