Homepage
Not present in the local metadata.
brew package intelligence
openssl@3
Automic Vault tracks openssl@3 because plain text private keys matters when AI agents run command-line tools on macOS.
overview
What Automic Vault knows about openssl@3
Cryptography and SSL/TLS Toolkit
Commands and aliases
No executable aliases were found in the local package database.
radioisotope
Plain Text Private Keys
OpenSSL-created private keys are often stored as PEM files in user PKI directories. Unencrypted private keys are reusable credentials that local agents can read directly. Automic Vault currently detects this exposure but does not yet provide a migration or package modification for OpenSSL.
Local README excerpt
OpenSSL Radioisotope Detector
This detector reports unencrypted PEM private keys in bounded user PKI locations such as ~/.ssl, ~/.certs, ~/certs, and ~/.config/openssl.
It does not currently migrate keys or modify OpenSSL.
Source: data/radioisotopes/openssl@3/README.md
Coverage source
Caveats
- We detect unencrypted PEM private keys only.
- Encrypted private keys are not reported.
- We scan bounded user PKI directories rather than the full home directory.
approval gates
Human review metadata for risky commands
The local approval-gate seed includes 6 rules for openssl@3. Covered entrypoints: openssl. Severity labels: critical, high, medium.
Example gated actions
- Cryptography and SSL/TLS Toolkit
- Generate private keys or key pairs.
- Print private key details in text form.
- Export certificates and keys into PKCS#12 bundles.
- Connect to a remote TLS service and print handshake material.
- Encrypt or decrypt data to an output file.
install metadata
Resolver facts
| Package key | brew:openssl@3 |
|---|---|
| Last updated | 2026-05-19T10:50:21-04:00 |
| Pulse | updated |
source trail
Generated from repository data
This page is regenerated by scripts/generate-pkg-pages.py. Deployments refuse to publish if www/pkg/ is stale relative to local package data.
Used sources
- Nucleus package database
- approval-gate seed metadata
- local isotope README
- radioisotope security manifest