diff --git a/pkgs/clan-cli/clan_cli/secrets/machines.py b/pkgs/clan-cli/clan_cli/secrets/machines.py
index f96c88b..24da93a 100644
--- a/pkgs/clan-cli/clan_cli/secrets/machines.py
+++ b/pkgs/clan-cli/clan_cli/secrets/machines.py
@@ -19,11 +19,15 @@ def get_machine(name: str) -> str:
     return read_key(sops_machines_folder() / name)
 
 
+def has_machine(name: str) -> bool:
+    return (sops_machines_folder() / name / "key.json").exists()
+
+
 def list_machines() -> list[str]:
     path = sops_machines_folder()
 
     def validate(name: str) -> bool:
-        return validate_hostname(name) and (path / name / "key.json").exists()
+        return validate_hostname(name) and has_machine(name)
 
     return list_objects(path, validate)
 
diff --git a/pkgs/clan-cli/clan_cli/secrets/secrets.py b/pkgs/clan-cli/clan_cli/secrets/secrets.py
index 674fccc..f607c3a 100644
--- a/pkgs/clan-cli/clan_cli/secrets/secrets.py
+++ b/pkgs/clan-cli/clan_cli/secrets/secrets.py
@@ -171,14 +171,15 @@ def disallow_member(group_folder: Path, name: str) -> None:
     )
 
 
+def has_secret(secret: str) -> bool:
+    return (sops_secrets_folder() / secret / "secret").exists()
+
+
 def list_secrets() -> list[str]:
     path = sops_secrets_folder()
 
     def validate(name: str) -> bool:
-        return (
-            VALID_SECRET_NAME.match(name) is not None
-            and (path / name / "secret").exists()
-        )
+        return VALID_SECRET_NAME.match(name) is not None and has_secret(name)
 
     return list_objects(path, validate)