Infisical Machine Identities: Non-Interactive Secrets for CLI Auth
Every secret has to live somewhere. The only real questions are where, and for how long. I recently wired up automated pushes to this blog’s repo — a coding agent that commits and pushes on my behalf (more on why I trust an agent with that another time). That meant a GitHub Personal Access Token had to be available to a git push command running on my machine. What it did not mean was scattering that PAT across .env files and shell profiles. I wanted it managed: stored once, fetched at runtime, scoped, and revocable on demand. ...