hatter/skills
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update readme

Browse Source
This commit is contained in:
Hatter Jiang
2026-04-04 12:06:21 +08:00
parent 4429d8ea38
commit 5f7b6a8013
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -7,3 +7,11 @@
| postmessage| Post a message to Hatter showing how to handle a confidential token | | postmessage| Post a message to Hatter showing how to handle a confidential token |
## SKILL Internals
### How `get-secret.ts` works?
On Alibaba Cloud ECS/Simple Application Server, `get-secret.ts` retrieves a PKCS#7 identity document from `100.100.100.200`. It uses this Alibaba Cloud-signed document to request secrets from the service. The server verifies the signature to authenticate the client before returning the secret value.
在阿里云 ECS 或轻量应用服务器环境中,`get-secret.ts` 脚本首先从元数据服务地址 `100.100.100.200` 获取 PKCS#7 格式的身份文档。随后,脚本利用该由阿里云签名的文档向密钥管理服务发起获取请求。服务端在核验签名以完成客户端身份认证后,才会返回相应的密钥值。