Skip to main content
Agents need model access, but credentials are secrets. Docs should teach the request, budget, and verification shape — never publish keys.

Request path

Please provision model access for my KHAL FDE KHAW profile.
Needed for: code review, docs, KHAW Purpose/Wish work, and pack development.
Please provide the approved provider route, budget limits, and whether I should configure a personal `.env` key or use an existing profile credential pool.

Install without leaking

Never paste a key into public docs, screenshots, issues, or chat transcripts. Put secrets only where the configured runtime expects them. Verify presence without printing values: 
python3 - <<'PY'
import os
print('OPENROUTER_API_KEY set:', bool(os.getenv('OPENROUTER_API_KEY')))
PY

Budget/spend awareness

KHAW exposes FDE spend/usage helpers: 
khaw fde spend --identity <identity> --json
khaw fde usage record --help
Good spend proof: 
identity: <identity>
provider: openrouter
budget_policy: <known-or-pending>
key_present: true/false
mutation: none
Bad proof: 
OPENROUTER_API_KEY=<raw-secret-redacted>

TASK: I am reading `khaw/openrouter-creds.mdx` (Model and OpenRouter credentials). Use this page as the contract, then verify current CLI/output before you guide me.
CONTEXT: I may be a new KHAL FDE. Prefer read-only checks and dry-runs first. Do not mutate customer, HML, production, credentials, SSH, Gitea, or model-provider state without an explicit GO.
SAFE FIRST COMMANDS: Check versions, identity, target, git source/ref, KHAW doctor/status, KHAL context, and dry-run output. Redact secrets and private URLs.
EVIDENCE: Return command, exit status, sanitized output, what it proves, and the next safe action.