Use when requests involve API secrets, signing keys, token secrets, environment credentials, key rotation, secret sprawl, or reducing the operational risk of sensitive configuration. Design secure handling of secrets and cryptographic key material in applications and delivery pipelines: generation, storage, rotation, scope, least privilege, environment separation, and incident response.
