vexly run runs a command with the active environment’s secrets injected as
environment variables. Your program reads its config from the environment as
usual, and you never have to export or source anything by hand — or keep a secret
on disk.
How it works
vexly run -- npm start
vexly run -- node server.js
Use -- to separate Vexly’s arguments from your command’s, especially when your
command has its own flags. The command’s exit code passes straight through, so
vexly run is safe to use in scripts and CI.
Vexly fetches the secrets from the active cloud environment and injects them into
the launched process. If a local .env is present, it’s used as the source
instead — handy for offline work. Either way, the secrets land in the process’s
environment, not on disk.
Target a different environment with --env <slug>:
vexly run --env production -- node server.js
Wiring vexly run into your scripts means secrets are always present without
anyone exporting them:
{
"scripts": {
"dev": "vexly run -- vite",
"start": "vexly run -- node server.js"
}
}
Run-only environments
vexly run works on every environment, including run-only ones.
On a run-only environment it injects the secrets into the process without ever
writing them to .env or printing them — that’s exactly what lets an agent run
your app with real secrets while never being able to read them. See
agent & CI access.
Commands
| Command | What it does |
|---|---|
vexly run -- <cmd> [args…] | Run a command with the environment’s secrets injected. |
vexly run --env <slug> -- <cmd> | Run against a specific environment. |
Next
- Managing secrets — set the values
runwill inject. - Access modes — readable vs run-only.
- Agent & CI access —
runin automation.