fix(infisical): rename tool files to underscores, add configurable baseUrl, fix error type casts

waleedlatif1 · waleedlatif1 · commit cfc73774d689 · 2026-03-19T14:43:27.000-07:00
diff --git a/apps/docs/content/docs/en/tools/infisical.mdx b/apps/docs/content/docs/en/tools/infisical.mdx
@@ -5,7 +5,7 @@ description: Manage secrets with Infisical
 
 import { BlockInfoCard } from "@/components/ui/block-info-card"
 
-<BlockInfoCard
+<BlockInfoCard 
   type="infisical"
   color="#F7FE62"
 />
@@ -24,6 +24,7 @@ With Infisical in Sim, you can:
 In Sim, the Infisical integration enables your agents to programmatically manage secrets as part of automated workflows — for example, rotating credentials, syncing environment variables across environments, or auditing secret usage. Simply configure the Infisical block with your API key, select the operation, and provide the project ID and environment slug to get started.
 {/* MANUAL-CONTENT-END */}
 
+
 ## Usage Instructions
 
 Integrate Infisical into your workflow. List, get, create, update, and delete secrets across project environments.
@@ -34,77 +35,221 @@ Integrate Infisical into your workflow. List, get, create, update, and delete se
 
 ### `infisical_list_secrets`
 
+List all secrets in a project environment. Returns secret keys, values, comments, tags, and metadata.
+
 #### Input
 
 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Infisical API token |
+| `baseUrl` | string | No | Infisical instance URL \(default: "https://us.infisical.com"\). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL. |
+| `projectId` | string | Yes | The ID of the project to list secrets from |
+| `environment` | string | Yes | The environment slug \(e.g., "dev", "staging", "prod"\) |
+| `secretPath` | string | No | The path of the secrets \(default: "/"\) |
+| `recursive` | boolean | No | Whether to fetch secrets recursively from subdirectories |
+| `expandSecretReferences` | boolean | No | Whether to expand secret references \(default: true\) |
+| `viewSecretValue` | boolean | No | Whether to include secret values in the response \(default: true\) |
+| `includeImports` | boolean | No | Whether to include imported secrets \(default: true\) |
+| `tagSlugs` | string | No | Comma-separated tag slugs to filter secrets by |
 
 #### Output
 
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `secrets` | json | Array of secrets \(list operation\) |
-| `count` | number | Number of secrets returned |
-| `secret` | json | Secret object \(get/create/update/delete operations\) |
+| `secrets` | array | Array of secrets |
+|   ↳ `id` | string | Secret ID |
+|   ↳ `workspace` | string | Workspace/project ID |
+|   ↳ `secretKey` | string | Secret name/key |
+|   ↳ `secretValue` | string | Secret value |
+|   ↳ `secretComment` | string | Secret comment |
+|   ↳ `secretPath` | string | Secret path |
+|   ↳ `version` | number | Secret version |
+|   ↳ `type` | string | Secret type \(shared or personal\) |
+|   ↳ `environment` | string | Environment slug |
+|   ↳ `tags` | array | Tags attached to the secret |
+|     ↳ `id` | string | Tag ID |
+|     ↳ `slug` | string | Tag slug |
+|     ↳ `color` | string | Tag color |
+|     ↳ `name` | string | Tag name |
+|   ↳ `secretMetadata` | array | Custom metadata key-value pairs |
+|     ↳ `key` | string | Metadata key |
+|     ↳ `value` | string | Metadata value |
+|   ↳ `createdAt` | string | Creation timestamp |
+|   ↳ `updatedAt` | string | Last update timestamp |
+| `count` | number | Total number of secrets returned |
 
 ### `infisical_get_secret`
 
+Retrieve a single secret by name from a project environment.
+
 #### Input
 
 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Infisical API token |
+| `baseUrl` | string | No | Infisical instance URL \(default: "https://us.infisical.com"\). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL. |
+| `projectId` | string | Yes | The ID of the project |
+| `environment` | string | Yes | The environment slug \(e.g., "dev", "staging", "prod"\) |
+| `secretName` | string | Yes | The name of the secret to retrieve |
+| `secretPath` | string | No | The path of the secret \(default: "/"\) |
+| `version` | number | No | Specific version of the secret to retrieve |
+| `type` | string | No | Secret type: "shared" or "personal" \(default: "shared"\) |
+| `viewSecretValue` | boolean | No | Whether to include the secret value in the response \(default: true\) |
+| `expandSecretReferences` | boolean | No | Whether to expand secret references \(default: true\) |
 
 #### Output
 
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `secrets` | json | Array of secrets \(list operation\) |
-| `count` | number | Number of secrets returned |
-| `secret` | json | Secret object \(get/create/update/delete operations\) |
+| `secret` | object | The retrieved secret |
+|   ↳ `id` | string | Secret ID |
+|   ↳ `workspace` | string | Workspace/project ID |
+|   ↳ `secretKey` | string | Secret name/key |
+|   ↳ `secretValue` | string | Secret value |
+|   ↳ `secretComment` | string | Secret comment |
+|   ↳ `secretPath` | string | Secret path |
+|   ↳ `version` | number | Secret version |
+|   ↳ `type` | string | Secret type \(shared or personal\) |
+|   ↳ `environment` | string | Environment slug |
+|   ↳ `tags` | array | Tags attached to the secret |
+|     ↳ `id` | string | Tag ID |
+|     ↳ `slug` | string | Tag slug |
+|     ↳ `color` | string | Tag color |
+|     ↳ `name` | string | Tag name |
+|   ↳ `secretMetadata` | array | Custom metadata key-value pairs |
+|     ↳ `key` | string | Metadata key |
+|     ↳ `value` | string | Metadata value |
+|   ↳ `createdAt` | string | Creation timestamp |
+|   ↳ `updatedAt` | string | Last update timestamp |
 
 ### `infisical_create_secret`
 
+Create a new secret in a project environment.
+
 #### Input
 
 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Infisical API token |
+| `baseUrl` | string | No | Infisical instance URL \(default: "https://us.infisical.com"\). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL. |
+| `projectId` | string | Yes | The ID of the project |
+| `environment` | string | Yes | The environment slug \(e.g., "dev", "staging", "prod"\) |
+| `secretName` | string | Yes | The name of the secret to create |
+| `secretValue` | string | Yes | The value of the secret |
+| `secretPath` | string | No | The path for the secret \(default: "/"\) |
+| `secretComment` | string | No | A comment for the secret |
+| `type` | string | No | Secret type: "shared" or "personal" \(default: "shared"\) |
+| `tagIds` | string | No | Comma-separated tag IDs to attach to the secret |
 
 #### Output
 
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `secrets` | json | Array of secrets \(list operation\) |
-| `count` | number | Number of secrets returned |
-| `secret` | json | Secret object \(get/create/update/delete operations\) |
+| `secret` | object | The created secret |
+|   ↳ `id` | string | Secret ID |
+|   ↳ `workspace` | string | Workspace/project ID |
+|   ↳ `secretKey` | string | Secret name/key |
+|   ↳ `secretValue` | string | Secret value |
+|   ↳ `secretComment` | string | Secret comment |
+|   ↳ `secretPath` | string | Secret path |
+|   ↳ `version` | number | Secret version |
+|   ↳ `type` | string | Secret type \(shared or personal\) |
+|   ↳ `environment` | string | Environment slug |
+|   ↳ `tags` | array | Tags attached to the secret |
+|     ↳ `id` | string | Tag ID |
+|     ↳ `slug` | string | Tag slug |
+|     ↳ `color` | string | Tag color |
+|     ↳ `name` | string | Tag name |
+|   ↳ `secretMetadata` | array | Custom metadata key-value pairs |
+|     ↳ `key` | string | Metadata key |
+|     ↳ `value` | string | Metadata value |
+|   ↳ `createdAt` | string | Creation timestamp |
+|   ↳ `updatedAt` | string | Last update timestamp |
 
 ### `infisical_update_secret`
 
+Update an existing secret in a project environment.
+
 #### Input
 
 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Infisical API token |
+| `baseUrl` | string | No | Infisical instance URL \(default: "https://us.infisical.com"\). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL. |
+| `projectId` | string | Yes | The ID of the project |
+| `environment` | string | Yes | The environment slug \(e.g., "dev", "staging", "prod"\) |
+| `secretName` | string | Yes | The name of the secret to update |
+| `secretValue` | string | No | The new value for the secret |
+| `secretPath` | string | No | The path of the secret \(default: "/"\) |
+| `secretComment` | string | No | A comment for the secret |
+| `newSecretName` | string | No | New name for the secret \(to rename it\) |
+| `type` | string | No | Secret type: "shared" or "personal" \(default: "shared"\) |
+| `tagIds` | string | No | Comma-separated tag IDs to set on the secret |
 
 #### Output
 
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `secrets` | json | Array of secrets \(list operation\) |
-| `count` | number | Number of secrets returned |
-| `secret` | json | Secret object \(get/create/update/delete operations\) |
+| `secret` | object | The updated secret |
+|   ↳ `id` | string | Secret ID |
+|   ↳ `workspace` | string | Workspace/project ID |
+|   ↳ `secretKey` | string | Secret name/key |
+|   ↳ `secretValue` | string | Secret value |
+|   ↳ `secretComment` | string | Secret comment |
+|   ↳ `secretPath` | string | Secret path |
+|   ↳ `version` | number | Secret version |
+|   ↳ `type` | string | Secret type \(shared or personal\) |
+|   ↳ `environment` | string | Environment slug |
+|   ↳ `tags` | array | Tags attached to the secret |
+|     ↳ `id` | string | Tag ID |
+|     ↳ `slug` | string | Tag slug |
+|     ↳ `color` | string | Tag color |
+|     ↳ `name` | string | Tag name |
+|   ↳ `secretMetadata` | array | Custom metadata key-value pairs |
+|     ↳ `key` | string | Metadata key |
+|     ↳ `value` | string | Metadata value |
+|   ↳ `createdAt` | string | Creation timestamp |
+|   ↳ `updatedAt` | string | Last update timestamp |
 
 ### `infisical_delete_secret`
 
+Delete a secret from a project environment.
+
 #### Input
 
 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Infisical API token |
+| `baseUrl` | string | No | Infisical instance URL \(default: "https://us.infisical.com"\). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL. |
+| `projectId` | string | Yes | The ID of the project |
+| `environment` | string | Yes | The environment slug \(e.g., "dev", "staging", "prod"\) |
+| `secretName` | string | Yes | The name of the secret to delete |
+| `secretPath` | string | No | The path of the secret \(default: "/"\) |
+| `type` | string | No | Secret type: "shared" or "personal" \(default: "shared"\) |
 
 #### Output
 
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `secrets` | json | Array of secrets \(list operation\) |
-| `count` | number | Number of secrets returned |
-| `secret` | json | Secret object \(get/create/update/delete operations\) |
+| `secret` | object | The deleted secret |
+|   ↳ `id` | string | Secret ID |
+|   ↳ `workspace` | string | Workspace/project ID |
+|   ↳ `secretKey` | string | Secret name/key |
+|   ↳ `secretValue` | string | Secret value |
+|   ↳ `secretComment` | string | Secret comment |
+|   ↳ `secretPath` | string | Secret path |
+|   ↳ `version` | number | Secret version |
+|   ↳ `type` | string | Secret type \(shared or personal\) |
+|   ↳ `environment` | string | Environment slug |
+|   ↳ `tags` | array | Tags attached to the secret |
+|     ↳ `id` | string | Tag ID |
+|     ↳ `slug` | string | Tag slug |
+|     ↳ `color` | string | Tag color |
+|     ↳ `name` | string | Tag name |
+|   ↳ `secretMetadata` | array | Custom metadata key-value pairs |
+|     ↳ `key` | string | Metadata key |
+|     ↳ `value` | string | Metadata value |
+|   ↳ `createdAt` | string | Creation timestamp |
+|   ↳ `updatedAt` | string | Last update timestamp |
 
 
diff --git a/apps/sim/blocks/blocks/infisical.ts b/apps/sim/blocks/blocks/infisical.ts
@@ -89,6 +89,13 @@ export const InfisicalBlock: BlockConfig<InfisicalResponse> = {
       mode: 'advanced',
       condition: { field: 'operation', value: 'update_secret' },
     },
+    {
+      id: 'baseUrl',
+      title: 'Instance URL',
+      type: 'short-input',
+      placeholder: 'https://us.infisical.com (default)',
+      mode: 'advanced',
+    },
     {
       id: 'secretPath',
       title: 'Secret Path',
@@ -160,6 +167,7 @@ export const InfisicalBlock: BlockConfig<InfisicalResponse> = {
           environment: params.environment,
         }
 
+        if (params.baseUrl) result.baseUrl = params.baseUrl
         if (params.secretPath) result.secretPath = params.secretPath
 
         switch (params.operation) {
@@ -197,6 +205,7 @@ export const InfisicalBlock: BlockConfig<InfisicalResponse> = {
   inputs: {
     operation: { type: 'string', description: 'Operation to perform' },
     apiKey: { type: 'string', description: 'Infisical API token' },
+    baseUrl: { type: 'string', description: 'Infisical instance URL' },
     projectId: { type: 'string', description: 'Project ID' },
     environment: { type: 'string', description: 'Environment slug' },
     secretName: { type: 'string', description: 'Secret name' },
diff --git a/apps/sim/tools/infisical/create_secret.ts b/apps/sim/tools/infisical/create_secret.ts
@@ -20,6 +20,13 @@ export const createSecretTool: ToolConfig<
       visibility: 'user-only',
       description: 'Infisical API token',
     },
+    baseUrl: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description:
+        'Infisical instance URL (default: "https://us.infisical.com"). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL.',
+    },
     projectId: {
       type: 'string',
       required: true,
@@ -73,7 +80,7 @@ export const createSecretTool: ToolConfig<
   request: {
     method: 'POST',
     url: (params) =>
-      `https://us.infisical.com/api/v4/secrets/${encodeURIComponent(params.secretName.trim())}`,
+      `${params.baseUrl?.replace(/\/+$/, '') ?? 'https://us.infisical.com'}/api/v4/secrets/${encodeURIComponent(params.secretName.trim())}`,
     headers: (params) => ({
       'Content-Type': 'application/json',
       Authorization: `Bearer ${params.apiKey}`,
@@ -99,7 +106,7 @@ export const createSecretTool: ToolConfig<
     if (!response.ok) {
       return {
         success: false,
-        output: { secret: {} },
+        output: { secret: {} as InfisicalCreateSecretResponse['output']['secret'] },
         error: data.message ?? `Request failed with status ${response.status}`,
       }
     }
diff --git a/apps/sim/tools/infisical/delete_secret.ts b/apps/sim/tools/infisical/delete_secret.ts
@@ -20,6 +20,13 @@ export const deleteSecretTool: ToolConfig<
       visibility: 'user-only',
       description: 'Infisical API token',
     },
+    baseUrl: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description:
+        'Infisical instance URL (default: "https://us.infisical.com"). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL.',
+    },
     projectId: {
       type: 'string',
       required: true,
@@ -55,7 +62,7 @@ export const deleteSecretTool: ToolConfig<
   request: {
     method: 'DELETE',
     url: (params) =>
-      `https://us.infisical.com/api/v4/secrets/${encodeURIComponent(params.secretName.trim())}`,
+      `${params.baseUrl?.replace(/\/+$/, '') ?? 'https://us.infisical.com'}/api/v4/secrets/${encodeURIComponent(params.secretName.trim())}`,
     headers: (params) => ({
       'Content-Type': 'application/json',
       Authorization: `Bearer ${params.apiKey}`,
@@ -76,7 +83,7 @@ export const deleteSecretTool: ToolConfig<
     if (!response.ok) {
       return {
         success: false,
-        output: { secret: {} },
+        output: { secret: {} as InfisicalDeleteSecretResponse['output']['secret'] },
         error: data.message ?? `Request failed with status ${response.status}`,
       }
     }
diff --git a/apps/sim/tools/infisical/get_secret.ts b/apps/sim/tools/infisical/get_secret.ts
@@ -14,6 +14,13 @@ export const getSecretTool: ToolConfig<InfisicalGetSecretParams, InfisicalGetSec
       visibility: 'user-only',
       description: 'Infisical API token',
     },
+    baseUrl: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description:
+        'Infisical instance URL (default: "https://us.infisical.com"). Use "https://eu.infisical.com" for EU Cloud or your self-hosted URL.',
+    },
     projectId: {
       type: 'string',
       required: true,
@@ -77,7 +84,8 @@ export const getSecretTool: ToolConfig<InfisicalGetSecretParams, InfisicalGetSec
         searchParams.set('viewSecretValue', String(params.viewSecretValue))
       if (params.expandSecretReferences != null)
         searchParams.set('expandSecretReferences', String(params.expandSecretReferences))
-      return `https://us.infisical.com/api/v4/secrets/${encodeURIComponent(params.secretName.trim())}?${searchParams.toString()}`
+      const base = params.baseUrl?.replace(/\/+$/, '') ?? 'https://us.infisical.com'
+      return `${base}/api/v4/secrets/${encodeURIComponent(params.secretName.trim())}?${searchParams.toString()}`
     },
     headers: (params) => ({
       Authorization: `Bearer ${params.apiKey}`,
@@ -89,7 +97,7 @@ export const getSecretTool: ToolConfig<InfisicalGetSecretParams, InfisicalGetSec
     if (!response.ok) {
       return {
         success: false,
-        output: { secret: {} },
+        output: { secret: {} as InfisicalGetSecretResponse['output']['secret'] },
         error: data.message ?? `Request failed with status ${response.status}`,
       }
     }
diff --git a/apps/sim/tools/infisical/index.ts b/apps/sim/tools/infisical/index.ts
@@ -1,11 +1,13 @@
-import { createSecretTool } from '@/tools/infisical/create-secret'
-import { deleteSecretTool } from '@/tools/infisical/delete-secret'
-import { getSecretTool } from '@/tools/infisical/get-secret'
-import { listSecretsTool } from '@/tools/infisical/list-secrets'
-import { updateSecretTool } from '@/tools/infisical/update-secret'
+import { createSecretTool } from '@/tools/infisical/create_secret'
+import { deleteSecretTool } from '@/tools/infisical/delete_secret'
+import { getSecretTool } from '@/tools/infisical/get_secret'
+import { listSecretsTool } from '@/tools/infisical/list_secrets'
+import { updateSecretTool } from '@/tools/infisical/update_secret'
 
 export const infisicalListSecretsTool = listSecretsTool
 export const infisicalGetSecretTool = getSecretTool
 export const infisicalCreateSecretTool = createSecretTool
 export const infisicalUpdateSecretTool = updateSecretTool
 export const infisicalDeleteSecretTool = deleteSecretTool
+
+export * from './types'
diff --git a/apps/sim/tools/infisical/list_secrets.ts b/apps/sim/tools/infisical/list_secrets.ts
diff --git a/apps/sim/tools/infisical/types.ts b/apps/sim/tools/infisical/types.ts
diff --git a/apps/sim/tools/infisical/update_secret.ts b/apps/sim/tools/infisical/update_secret.ts
