vexly run runs a command with the active environment’s secrets injected as environment variables. Your program reads its config from the environment as usual, and you never have to export or source anything by hand — or keep a secret on disk.

How it works

vexly run -- npm start
vexly run -- node server.js

Use -- to separate Vexly’s arguments from your command’s, especially when your command has its own flags. The command’s exit code passes straight through, so vexly run is safe to use in scripts and CI.

Vexly fetches the secrets from the active cloud environment and injects them into the launched process. If a local .env is present, it’s used as the source instead — handy for offline work. Either way, the secrets land in the process’s environment, not on disk.

Target a different environment with --env <slug>:

vexly run --env production -- node server.js

Wiring vexly run into your scripts means secrets are always present without anyone exporting them:

{
  "scripts": {
    "dev": "vexly run -- vite",
    "start": "vexly run -- node server.js"
  }
}

Run-only environments

vexly run works on every environment, including run-only ones. On a run-only environment it injects the secrets into the process without ever writing them to .env or printing them — that’s exactly what lets an agent run your app with real secrets while never being able to read them. See agent & CI access.

Commands

CommandWhat it does
vexly run -- <cmd> [args…]Run a command with the environment’s secrets injected.
vexly run --env <slug> -- <cmd>Run against a specific environment.

Next