Shelve
Centralized secrets management with encryption and team synchronization
GitHub
Repository →
406
Stars
Apache-2.0 v2.3.3 Apr 26, 2026
Since Feb 2024 15
open issues
AI Summary
Shelve is a platform for secure secrets management that centrally manages API keys, tokens, and environment variables. The tool offers envelope encryption per project, automatic GitHub synchronization, and is compatible with AI coding agents like Cursor and Claude.
✓ Pros
- + Open source and free to self-host with full control over encryption keys
- + AES-256-GCM envelope encryption per project limits damage in case of compromise
- + Seamless integration with AI coding agents through automatic .cursorignore/.aiderignore configuration
✗ Cons
- − Hosted version still relatively new, long-term availability unclear
- − Limited third-party integrations beyond GitHub currently available
Use Cases
- → Centralized management of API keys and environment variables for development teams
- → Automatic synchronization of GitHub Actions Secrets with single source of truth
- → Secure secrets injection into CI/CD pipelines without .env files on disk
- → Audit logging of all access to sensitive configuration data with IP and user agent
Who is it for?
Development teams and DevOps engineers who need a secure, centralized solution for secrets management with complete audit control.
