diff --git a/pkgs/clan-cli/clan_cli/secrets/machines.py b/pkgs/clan-cli/clan_cli/secrets/machines.py
index 330f2ad..ebb9fb8 100644
--- a/pkgs/clan-cli/clan_cli/secrets/machines.py
+++ b/pkgs/clan-cli/clan_cli/secrets/machines.py
@@ -23,8 +23,20 @@ def list_machines() -> list[str]:
     return list_objects(sops_machines_folder(), lambda x: validate_hostname(x))
 
 
+def add_secret(machine: str, secret: str) -> None:
+    secrets.allow_member(
+        secrets.machines_folder(secret), sops_machines_folder(), machine
+    )
+
+
+def remove_secret(machine: str, secret: str) -> None:
+    secrets.disallow_member(secrets.machines_folder(secret), machine)
+
+
 def list_command(args: argparse.Namespace) -> None:
-    print("\n".join(list_machines()))
+    lst = list_machines()
+    if len(lst) > 0:
+        print("\n".join(lst))
 
 
 def add_command(args: argparse.Namespace) -> None:
@@ -32,17 +44,15 @@ def add_command(args: argparse.Namespace) -> None:
 
 
 def remove_command(args: argparse.Namespace) -> None:
-    remove_object(sops_machines_folder(), args.machine)
+    remove_machine(args.machine)
 
 
 def add_secret_command(args: argparse.Namespace) -> None:
-    secrets.allow_member(
-        secrets.machines_folder(args.secret), sops_machines_folder(), args.machine
-    )
+    add_secret(args.machine, args.secret)
 
 
 def remove_secret_command(args: argparse.Namespace) -> None:
-    secrets.disallow_member(secrets.machines_folder(args.secret), args.machine)
+    remove_secret(args.machine, args.secret)
 
 
 def register_machines_parser(parser: argparse.ArgumentParser) -> None:
diff --git a/pkgs/clan-cli/clan_cli/secrets/secrets.py b/pkgs/clan-cli/clan_cli/secrets/secrets.py
index 4cc78e0..ed59022 100644
--- a/pkgs/clan-cli/clan_cli/secrets/secrets.py
+++ b/pkgs/clan-cli/clan_cli/secrets/secrets.py
@@ -178,7 +178,9 @@ def list_secrets() -> list[str]:
 
 
 def list_command(args: argparse.Namespace) -> None:
-    print("\n".join(list_secrets()))
+    lst = list_secrets()
+    if len(lst) > 0:
+        print("\n".join(lst))
 
 
 def get_command(args: argparse.Namespace) -> None:
diff --git a/pkgs/clan-cli/clan_cli/secrets/users.py b/pkgs/clan-cli/clan_cli/secrets/users.py
index b5c48d2..25cf28a 100644
--- a/pkgs/clan-cli/clan_cli/secrets/users.py
+++ b/pkgs/clan-cli/clan_cli/secrets/users.py
@@ -25,8 +25,18 @@ def list_users() -> list[str]:
     )
 
 
+def add_secret(user: str, secret: str) -> None:
+    secrets.allow_member(secrets.users_folder(secret), sops_users_folder(), user)
+
+
+def remove_secret(user: str, secret: str) -> None:
+    secrets.disallow_member(secrets.users_folder(secret), user)
+
+
 def list_command(args: argparse.Namespace) -> None:
-    print("\n".join(list_users()))
+    lst = list_users()
+    if len(lst) > 0:
+        print("\n".join(lst))
 
 
 def add_command(args: argparse.Namespace) -> None:
@@ -38,13 +48,11 @@ def remove_command(args: argparse.Namespace) -> None:
 
 
 def add_secret_command(args: argparse.Namespace) -> None:
-    secrets.allow_member(
-        secrets.users_folder(args.secret), sops_users_folder(), args.user
-    )
+    add_secret(args.user, args.secret)
 
 
 def remove_secret_command(args: argparse.Namespace) -> None:
-    secrets.disallow_member(secrets.users_folder(args.secret), args.user)
+    remove_secret(args.user, args.secret)
 
 
 def register_users_parser(parser: argparse.ArgumentParser) -> None: