env-manager
Environment variable management, validation, and documentation.
Best use case
env-manager is best used when you need a repeatable AI agent workflow instead of a one-off prompt. It is especially useful for teams working in multi. Environment variable management, validation, and documentation.
Environment variable management, validation, and documentation.
Users should expect a more consistent workflow output, faster repeated execution, and less time spent rewriting prompts from scratch.
Practical example
Example input
Use the "env-manager" skill to help with this workflow task. Context: Environment variable management, validation, and documentation.
Example output
A structured workflow result with clearer steps, more consistent formatting, and an output that is easier to reuse in the next run.
When to use this skill
- Use this skill when you want a reusable workflow rather than writing the same prompt again and again.
When not to use this skill
- Do not use this when you only need a one-off answer and do not need a reusable workflow.
- Do not use it if you cannot install or maintain the related files, repository context, or supporting tools.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/env-manager/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How env-manager Compares
| Feature / Agent | env-manager | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Environment variable management, validation, and documentation.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
# Environment Manager Skill
Environment variable management, validation, and documentation.
## Instructions
You are an environment configuration expert. When invoked:
1. **Analyze Environment Variables**:
- Identify all environment variables used in code
- Check for undefined or missing variables
- Validate variable formats (URLs, numbers, booleans)
- Detect hardcoded values that should be env vars
2. **Generate Documentation**:
- Create .env.example template
- Document required vs optional variables
- Provide descriptions and examples
- List default values
3. **Validate Configuration**:
- Check required variables are set
- Validate formats and types
- Ensure no secrets in source control
- Verify cross-environment consistency
4. **Provide Best Practices**:
- Naming conventions
- Security recommendations
- Environment-specific configs
- Secret management strategies
## Environment Variable Conventions
### Naming Standards
```bash
# Use UPPER_SNAKE_CASE
DATABASE_URL=postgresql://localhost:5432/mydb
API_KEY=abc123xyz
# Prefix by service/category
DB_HOST=localhost
DB_PORT=5432
DB_NAME=mydb
DB_USER=admin
REDIS_HOST=localhost
REDIS_PORT=6379
AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=AKIA...
AWS_SECRET_ACCESS_KEY=...
# Boolean values
ENABLE_LOGGING=true
DEBUG_MODE=false
```
### Environment Prefixes
```bash
# Development
NODE_ENV=development
DEBUG=true
LOG_LEVEL=debug
# Staging
NODE_ENV=staging
DEBUG=false
LOG_LEVEL=info
# Production
NODE_ENV=production
DEBUG=false
LOG_LEVEL=error
```
## .env.example Template
```bash
# ======================
# Application Settings
# ======================
# Environment (development, staging, production)
NODE_ENV=development
# Application port
PORT=3000
# Application URL
APP_URL=http://localhost:3000
# ======================
# Database Configuration
# ======================
# PostgreSQL connection string
# Format: postgresql://username:password@host:port/database
DATABASE_URL=postgresql://user:password@localhost:5432/myapp
# Database connection pool
DB_POOL_MIN=2
DB_POOL_MAX=10
# ======================
# Redis Configuration
# ======================
# Redis connection URL
REDIS_URL=redis://localhost:6379
# Redis password (optional)
# REDIS_PASSWORD=
# ======================
# Authentication
# ======================
# JWT secret key (REQUIRED - Generate with: openssl rand -base64 32)
JWT_SECRET=your-secret-key-here
# JWT expiration (default: 24h)
JWT_EXPIRES_IN=24h
# Session secret
SESSION_SECRET=your-session-secret
# ======================
# External Services
# ======================
# AWS Configuration
AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=your-access-key
AWS_SECRET_ACCESS_KEY=your-secret-key
AWS_S3_BUCKET=my-app-uploads
# Email Service (SendGrid)
SENDGRID_API_KEY=SG.xxxxx
EMAIL_FROM=noreply@example.com
# Stripe
STRIPE_PUBLIC_KEY=pk_test_xxxxx
STRIPE_SECRET_KEY=sk_test_xxxxx
# ======================
# Feature Flags
# ======================
# Enable new dashboard
ENABLE_NEW_DASHBOARD=false
# Enable email notifications
ENABLE_EMAIL_NOTIFICATIONS=true
# ======================
# Logging & Monitoring
# ======================
# Log level (error, warn, info, debug)
LOG_LEVEL=info
# Sentry DSN for error tracking
# SENTRY_DSN=https://xxxxx@sentry.io/xxxxx
# ======================
# Security
# ======================
# CORS allowed origins (comma-separated)
CORS_ORIGINS=http://localhost:3000,http://localhost:3001
# Rate limiting
RATE_LIMIT_MAX_REQUESTS=100
RATE_LIMIT_WINDOW_MS=900000
# ======================
# Development Only
# ======================
# Enable debug mode
DEBUG=false
# Disable SSL verification (NEVER in production!)
# NODE_TLS_REJECT_UNAUTHORIZED=0
```
## Environment Validation
### Node.js Example
```javascript
// env.js - Environment validation
const envalid = require('envalid');
const env = envalid.cleanEnv(process.env, {
// Application
NODE_ENV: envalid.str({ choices: ['development', 'staging', 'production'] }),
PORT: envalid.port({ default: 3000 }),
APP_URL: envalid.url(),
// Database
DATABASE_URL: envalid.url({ desc: 'PostgreSQL connection URL' }),
DB_POOL_MIN: envalid.num({ default: 2 }),
DB_POOL_MAX: envalid.num({ default: 10 }),
// Redis
REDIS_URL: envalid.url(),
REDIS_PASSWORD: envalid.str({ default: '' }),
// Secrets
JWT_SECRET: envalid.str({ desc: 'JWT signing secret' }),
JWT_EXPIRES_IN: envalid.str({ default: '24h' }),
// AWS
AWS_REGION: envalid.str({ default: 'us-east-1' }),
AWS_ACCESS_KEY_ID: envalid.str(),
AWS_SECRET_ACCESS_KEY: envalid.str(),
// Feature Flags
ENABLE_NEW_DASHBOARD: envalid.bool({ default: false }),
ENABLE_EMAIL_NOTIFICATIONS: envalid.bool({ default: true }),
// Logging
LOG_LEVEL: envalid.str({
choices: ['error', 'warn', 'info', 'debug'],
default: 'info'
}),
// Security
CORS_ORIGINS: envalid.str({ desc: 'Comma-separated allowed origins' }),
RATE_LIMIT_MAX_REQUESTS: envalid.num({ default: 100 }),
});
module.exports = env;
```
### Python Example
```python
# config.py - Environment validation
import os
from typing import Optional
from pydantic import BaseSettings, validator, AnyHttpUrl
class Settings(BaseSettings):
# Application
ENV: str = "development"
PORT: int = 8000
APP_URL: AnyHttpUrl
# Database
DATABASE_URL: str
DB_POOL_MIN: int = 2
DB_POOL_MAX: int = 10
# Redis
REDIS_URL: str
REDIS_PASSWORD: Optional[str] = None
# Secrets
JWT_SECRET: str
JWT_EXPIRES_IN: str = "24h"
# AWS
AWS_REGION: str = "us-east-1"
AWS_ACCESS_KEY_ID: str
AWS_SECRET_ACCESS_KEY: str
# Feature Flags
ENABLE_NEW_DASHBOARD: bool = False
ENABLE_EMAIL_NOTIFICATIONS: bool = True
# Logging
LOG_LEVEL: str = "info"
@validator("ENV")
def validate_env(cls, v):
allowed = ["development", "staging", "production"]
if v not in allowed:
raise ValueError(f"ENV must be one of {allowed}")
return v
@validator("LOG_LEVEL")
def validate_log_level(cls, v):
allowed = ["error", "warn", "info", "debug"]
if v not in allowed:
raise ValueError(f"LOG_LEVEL must be one of {allowed}")
return v
class Config:
env_file = ".env"
case_sensitive = True
settings = Settings()
```
## Usage Examples
```
@env-manager
@env-manager --validate
@env-manager --generate-example
@env-manager --check-secrets
@env-manager --document
```
## Security Best Practices
### Never Commit Secrets
```bash
# .gitignore
.env
.env.local
.env.*.local
*.pem
*.key
secrets/
```
### Secret Detection
```bash
# Check for accidentally committed secrets
git secrets --scan
# Use tools like:
# - gitleaks
# - truffleHog
# - git-secrets
```
### Secret Management Solutions
```bash
# Development
# - .env files (gitignored)
# - direnv
# Production
# - AWS Secrets Manager
# - HashiCorp Vault
# - Azure Key Vault
# - Google Secret Manager
# - Kubernetes Secrets
# - Docker Secrets
```
### Encryption at Rest
```bash
# Encrypt sensitive .env files
# Using SOPS (Secrets OPerationS)
sops -e .env > .env.encrypted
# Using git-crypt
git-crypt init
echo '.env' >> .gitattributes
git-crypt add-gpg-user user@example.com
```
## Environment-Specific Configurations
### Multiple .env Files
```bash
.env # Default (committed .env.example)
.env.local # Local overrides (gitignored)
.env.development # Development
.env.staging # Staging
.env.production # Production (never committed!)
```
### Loading Priority (Node.js)
```javascript
// Using dotenv with cascading
require('dotenv').config({ path: '.env.local' });
require('dotenv').config({ path: `.env.${process.env.NODE_ENV}` });
require('dotenv').config({ path: '.env' });
```
## Common Issues & Solutions
### Missing Environment Variables
```javascript
// ❌ Bad - Silent failure
const apiKey = process.env.API_KEY;
// ✓ Good - Explicit validation
const apiKey = process.env.API_KEY;
if (!apiKey) {
throw new Error('API_KEY environment variable is required');
}
// ✓ Better - Use validation library
const env = require('./env'); // validates on load
const apiKey = env.API_KEY;
```
### Type Coercion
```javascript
// ❌ Bad - String comparison
if (process.env.DEBUG === true) { } // Always false!
// ✓ Good - Proper boolean parsing
const DEBUG = process.env.DEBUG === 'true';
// ✓ Better - Use validation
const { bool } = require('envalid');
const DEBUG = bool({ default: false });
```
### Default Values
```javascript
// ✓ Provide sensible defaults
const PORT = process.env.PORT || 3000;
const LOG_LEVEL = process.env.LOG_LEVEL || 'info';
const ENABLE_CACHE = process.env.ENABLE_CACHE !== 'false'; // Default true
```
## Documentation Template
```markdown
# Environment Variables
## Required Variables
### DATABASE_URL
- **Type**: URL
- **Description**: PostgreSQL connection string
- **Format**: `postgresql://username:password@host:port/database`
- **Example**: `postgresql://user:pass@localhost:5432/mydb`
### JWT_SECRET
- **Type**: String
- **Description**: Secret key for JWT token signing
- **Security**: Never commit this value
- **Generate**: `openssl rand -base64 32`
### AWS_ACCESS_KEY_ID
- **Type**: String
- **Description**: AWS access key for S3 and other services
- **Security**: Store in secrets manager in production
## Optional Variables
### PORT
- **Type**: Number
- **Description**: Application server port
- **Default**: `3000`
- **Example**: `3000`
### LOG_LEVEL
- **Type**: String
- **Description**: Logging verbosity
- **Choices**: `error`, `warn`, `info`, `debug`
- **Default**: `info`
### ENABLE_CACHE
- **Type**: Boolean
- **Description**: Enable Redis caching
- **Default**: `true`
- **Values**: `true`, `false`
## Feature Flags
### ENABLE_NEW_DASHBOARD
- **Type**: Boolean
- **Description**: Enable new dashboard UI
- **Default**: `false`
- **Status**: Experimental
## Environment Setup
### Development
```bash
cp .env.example .env.local
# Edit .env.local with your local values
```
### Production
Use secrets manager to set:
- DATABASE_URL
- JWT_SECRET
- AWS credentials
- API keys
```
## Notes
- Use `.env.example` as template (committed to git)
- Never commit actual `.env` files with secrets
- Validate environment variables on application startup
- Use secrets management in production
- Document all variables with descriptions and examples
- Use consistent naming conventions (UPPER_SNAKE_CASE)
- Prefix related variables (DB_, AWS_, REDIS_)
- Provide sensible defaults when possible
- Use type validation libraries
- Consider environment-specific configuration filesRelated Skills
backlog-manager
需求池管理。用户随时抛出想法/痛点,AI 负责追问、整理、合并、归档到需求池文件。用户准备开新版本时,协助从池中筛选。痛点驱动,不做提前排期。
risk-manager
Monitor portfolio risk, R-multiples, and position limits. Creates hedging strategies, calculates expectancy, and implements stop-losses. Use PROACTIVELY for risk assessment, trade tracking, or portfolio protection.
context-manager
Elite AI context engineering specialist mastering dynamic context management, vector databases, knowledge graphs, and intelligent memory systems. Orchestrates context across multi-agent workflows, enterprise AI systems, and long-running projects with 2024/2025 best practices. Use PROACTIVELY for complex AI orchestration.
azure-resource-manager-sql-dotnet
Azure Resource Manager SDK for Azure SQL in .NET. Use for MANAGEMENT PLANE operations: creating/managing SQL servers, databases, elastic pools, firewall rules, and failover groups via Azure Resource Manager. NOT for data plane operations (executing queries) - use Microsoft.Data.SqlClient for that. Triggers: "SQL server", "create SQL database", "manage SQL resources", "ARM SQL", "SqlServerResource", "provision Azure SQL", "elastic pool", "firewall rule".
azure-resource-manager-redis-dotnet
Azure Resource Manager SDK for Redis in .NET. Use for MANAGEMENT PLANE operations: creating/managing Azure Cache for Redis instances, firewall rules, access keys, patch schedules, linked servers (geo-replication), and private endpoints via Azure Resource Manager. NOT for data plane operations (get/set keys, pub/sub) - use StackExchange.Redis for that. Triggers: "Redis cache", "create Redis", "manage Redis", "ARM Redis", "RedisResource", "provision Redis", "Azure Cache for Redis".
azure-resource-manager-postgresql-dotnet
Azure PostgreSQL Flexible Server SDK for .NET. Database management for PostgreSQL Flexible Server deployments. Use for creating servers, databases, firewall rules, configurations, backups, and high availability. Triggers: "PostgreSQL", "PostgreSqlFlexibleServer", "PostgreSQL Flexible Server", "Azure Database for PostgreSQL", "PostgreSQL database management", "PostgreSQL firewall", "PostgreSQL backup", "Postgres".
azure-resource-manager-playwright-dotnet
Azure Resource Manager SDK for Microsoft Playwright Testing in .NET. Use for MANAGEMENT PLANE operations: creating/managing Playwright Testing workspaces, checking name availability, and managing workspace quotas via Azure Resource Manager. NOT for running Playwright tests - use Azure.Developer.MicrosoftPlaywrightTesting.NUnit for that. Triggers: "Playwright workspace", "create Playwright Testing workspace", "manage Playwright resources", "ARM Playwright", "PlaywrightWorkspaceResource", "provision Playwright Testing".
azure-resource-manager-cosmosdb-dotnet
Azure Resource Manager SDK for Cosmos DB in .NET. Use for MANAGEMENT PLANE operations: creating/managing Cosmos DB accounts, databases, containers, throughput settings, and RBAC via Azure Resource Manager. NOT for data plane operations (CRUD on documents) - use Microsoft.Azure.Cosmos for that. Triggers: "Cosmos DB account", "create Cosmos account", "manage Cosmos resources", "ARM Cosmos", "CosmosDBAccountResource", "provision Cosmos DB".
agent-manager-skill
Manage multiple local CLI agents via tmux sessions (start/stop/monitor/assign) with cron-friendly scheduling.
notebooklm-manager
This skill should be used when the user wants to interact with NotebookLM notebooks via Claude Code's Chrome integration. Trigger phrases: "Query my NotebookLM", "Ask my notebook about X", "query [id] about X", "list my notebooks", "add notebook URL", "show notebook details", "search notebooks for X", "Check my docs", "what does my [topic] notebook say about", "remove notebook", "delete notebook", "disable notebook", "enable notebook". Also triggers when user: (1) mentions NotebookLM explicitly, (2) shares NotebookLM URL (https://notebooklm.google.com/notebook/...). Do NOT use for: general web searches, local file reading, or non-NotebookLM documentation queries. Requires: claude --chrome with claude-in-chrome MCP.
home-assistant-manager
Expert-level Home Assistant configuration management with efficient deployment workflows (git and rapid scp iteration), remote CLI access via SSH and hass-cli, automation verification protocols, log analysis, reload vs restart optimization, and comprehensive Lovelace dashboard management for tablet-optimized UIs. Includes template patterns, card types, debugging strategies, and real-world examples.
ghe-thread-manager
Use this skill when the user expresses ANY intent related to issue/thread management: - Switching issues: "let's work on X", "switch to #Y", "go to the auth issue" - Checking status: "what are we working on?", "current issue?", "status?" - Background work: "what's in background?", "any features ready?", "check progress" - Starting development: "implement X", "add feature", "fix bug Y", "build a..." - Joining reviews: "let me see the review", "check that feature", "join #X" - Pausing/resuming: "pause this", "come back later", "resume #X" - Stopping transcription: "stop tracking", "don't record this", "private mode" - Resuming last session: "what were we working on?", "resume last issue", "continue where we left off" - Any natural expression of wanting to change focus or check work status This skill interprets natural language - users should NOT memorize commands. For the full GHE workflow protocol, see skill: github-elements-tracking