apunkt/plano
1
0
Fork 0
mirror of https://github.com/katanemo/plano.git synced 2026-04-25 00:36:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

add Plano agent skills framework and rule set (#797)
Some checks are pending
CI / pre-commit (push) Waiting to run
Details
CI / plano-tools-tests (push) Waiting to run
Details
CI / native-smoke-test (push) Waiting to run
Details
CI / docker-build (push) Waiting to run
Details
CI / validate-config (push) Waiting to run
Details
CI / security-scan (push) Blocked by required conditions
Details
CI / test-prompt-gateway (push) Blocked by required conditions
Details
CI / test-model-alias-routing (push) Blocked by required conditions
Details
CI / test-responses-api-with-state (push) Blocked by required conditions
Details
CI / e2e-plano-tests (3.10) (push) Blocked by required conditions
Details
CI / e2e-plano-tests (3.11) (push) Blocked by required conditions
Details
CI / e2e-plano-tests (3.12) (push) Blocked by required conditions
Details
CI / e2e-plano-tests (3.13) (push) Blocked by required conditions
Details
CI / e2e-plano-tests (3.14) (push) Blocked by required conditions
Details
CI / e2e-demo-preference (push) Blocked by required conditions
Details
CI / e2e-demo-currency (push) Blocked by required conditions
Details
Publish docker image (latest) / build-arm64 (push) Waiting to run
Details
Publish docker image (latest) / build-amd64 (push) Waiting to run
Details
Publish docker image (latest) / create-manifest (push) Blocked by required conditions
Details
Build and Deploy Documentation / build (push) Waiting to run
Details

Browse source 
* feat: add initial documentation for Plano Agent Skills

* feat: readme with examples

* feat: add detailed skills documentation and examples for Plano

---------

Co-authored-by: Adil Hafeez <adil.hafeez@gmail.com>
This commit is contained in:
Musa 2026-04-16 13:16:51 -07:00 committed by GitHub
parent d39d7ddd1c
commit 743d074184
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
46 changed files with 6282 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

72
skills/rules/config-secrets.md Normal file
View file

@ -0,0 +1,72 @@
---
title: Use Environment Variable Substitution for All Secrets
impact: CRITICAL
impactDescription: Hardcoded API keys in config.yaml will be committed to version control and exposed in Docker container inspect output
tags: config, security, secrets, api-keys, environment-variables
---
## Use Environment Variable Substitution for All Secrets
Plano supports `$VAR_NAME` substitution in config values. This applies to `access_key` fields, `connection_string` for state storage, and `http_headers` in prompt targets and endpoints. Never hardcode credentials — Plano reads them from environment variables or a `.env` file at startup via `planoai up`.
**Incorrect (hardcoded secrets):**
```yaml
version: v0.3.0
model_providers:
- model: openai/gpt-4o
access_key: abcdefghijklmnopqrstuvwxyz... # Hardcoded — never do this
state_storage:
type: postgres
connection_string: "postgresql://admin:mysecretpassword@prod-db:5432/plano"
prompt_targets:
- name: get_data
endpoint:
name: my_api
http_headers:
Authorization: "Bearer abcdefghijklmnopqrstuvwxyz" # Hardcoded token
```
**Correct (environment variable substitution):**
```yaml
version: v0.3.0
model_providers:
- model: openai/gpt-4o
access_key: $OPENAI_API_KEY
default: true
- model: anthropic/claude-sonnet-4-20250514
access_key: $ANTHROPIC_API_KEY
state_storage:
type: postgres
connection_string: "postgresql://${DB_USER}:${DB_PASS}@${DB_HOST}:5432/${DB_NAME}"
prompt_targets:
- name: get_data
endpoint:
name: my_api
http_headers:
Authorization: "Bearer $MY_API_TOKEN"
```
**`.env` file pattern (loaded automatically by `planoai up`):**
```bash
# .env — add to .gitignore
OPENAI_API_KEY=sk-proj-...
ANTHROPIC_API_KEY=sk-ant-...
DB_USER=plano
DB_PASS=secure-password
DB_HOST=localhost
MY_API_TOKEN=tok_live_...
```
Plano also accepts keys set directly in the shell environment. Variables referenced in config but not found at startup cause `planoai up` to fail with a clear error listing the missing keys.
Reference: https://github.com/katanemo/archgw