SLICC — Mount Secrets

Credentials for S3 / R2 / MinIO mounts and other domain-scoped secrets. Stored in chrome.storage.local; never visible to the agent.

Stored Secrets

Loading…

Add or Update

Profile name Access Key ID Secret Access Key Region (optional) Endpoint (optional) Path-style Allowed domains

Saving writes s3.<profile>.access_key_id, s3.<profile>.secret_access_key, and any optional fields you provided. Each secret gets a matching _DOMAINS entry so SLICC can scope where it's valid.

Name Value Allowed domains

Comma-separated patterns. Use *.example.com for wildcards. Required.

Provider Add domain

Each OAuth provider hardcodes a default list of domains its token may be unmasked for (e.g. Adobe ships *.adobelogin.com, *.adobe.io). Extras added here LAYER on top per-provider — defaults always stay active, you can't lock yourself out. Wildcards: *.example.com matches api.example.com but NOT bare example.com. Newly-added domains apply on the next side-panel reload (oauth-bootstrap re-pushes the merged list), or immediately if you re-run oauth-token <providerId> in the panel terminal.

Current extras

Tip: in CLI mode (npx sliccy), edit ~/.slicc/secrets.env directly with your text editor — same keys, same _DOMAINS convention. This page is the extension-mode equivalent.