Add these under Settings → Secrets and variables → Actions in your repo. Only OPENAI_API_KEY is required; the rest are optional and enable Reddit, Google search, and NVD vulnerability data in posts.
| Secret name | Where to get it | Notes |
|---|---|---|
| OPENAI_API_KEY | OpenAI API keys | Create an API key. Needed for the LLM (post generation). |
Enables Reddit search snippets (e.g. “Reddit users discuss…”) in the post. You need a Reddit script app and the account it runs as.
| Secret name | Where to get it | Notes |
|---|---|---|
| REDDIT_CLIENT_ID | Reddit apps → Create app → Script → under the app name you see a short string | The “client ID” (under the app name). |
| REDDIT_CLIENT_SECRET | Same app → secret field | The “secret” (only shown once). |
| REDDIT_USERNAME | Your Reddit account | The Reddit username for the account that “owns” the script app. |
| REDDIT_PASSWORD | Your Reddit account | That account’s password. (Use a dedicated account + app password if available.) |
Steps: Go to https://www.reddit.com/prefs/apps → Create app → choose script → set a name and redirect URI (e.g. http://localhost) → Create. Copy client ID and secret into the secrets above; use the same Reddit account for REDDIT_USERNAME and REDDIT_PASSWORD.
Enables Google search snippets (reviews, articles) for product names, and optional official product URL lookup when official_url is not set in products.yaml. Uses the Custom Search JSON API (Programmable Search Engine).
| Secret name | Where to get it | Notes |
|---|---|---|
| GOOGLE_API_KEY | Google Cloud Console → APIs & Services → Credentials → Create credentials → API key | Enable “Custom Search API” for the project. Restrict the key to Custom Search API if you want. |
| GOOGLE_CSE_ID | Programmable Search Engine → Add → get Search engine ID | Create a search engine; you can search “the entire web” or specific sites. Free tier: 100 queries/day. |
Steps:
Enables CVE/vulnerability snippets from the National Vulnerability Database (e.g. for routers, IoT devices). Free API; a key raises rate limits.
| Secret name | Where to get it | Notes |
|---|---|---|
| NVD_API_KEY | NVD API key request | Request a key (org name, email). Without a key: 5 requests / 30 s; with key: 50 / 30 s. |
Steps: Go to https://nvd.nist.gov/developers/request-an-api-key → submit the form → use the key they email you as NVD_API_KEY.
OPENAI_API_KEYREDDIT_CLIENT_ID, REDDIT_CLIENT_SECRET, REDDIT_USERNAME, REDDIT_PASSWORDGOOGLE_API_KEY, GOOGLE_CSE_IDNVD_API_KEYIf an optional secret is missing, that source is skipped and the generator still runs using Amazon metadata (and any other sources you did configure).