Best use case
env-secrets-manager is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Env & Secrets Manager
Teams using env-secrets-manager should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/env-secrets-manager/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How env-secrets-manager Compares
| Feature / Agent | env-secrets-manager | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Env & Secrets Manager
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Env & Secrets Manager **Tier:** POWERFUL **Category:** Engineering **Domain:** Security / DevOps / Configuration Management --- ## Overview Manage environment-variable hygiene and secrets safety across local development and production workflows. This skill focuses on practical auditing, drift awareness, and rotation readiness. ## Core Capabilities - `.env` and `.env.example` lifecycle guidance - Secret leak detection for repository working trees - Severity-based findings for likely credentials - Operational pointers for rotation and containment - Integration-ready outputs for CI checks --- ## When to Use - Before pushing commits that touched env/config files - During security audits and incident triage - When onboarding contributors who need safe env conventions - When validating that no obvious secrets are hardcoded --- ## Quick Start ```bash # Scan a repository for likely secret leaks python3 scripts/env_auditor.py /path/to/repo # JSON output for CI pipelines python3 scripts/env_auditor.py /path/to/repo --json ``` --- ## Recommended Workflow 1. Run `scripts/env_auditor.py` on the repository root. 2. Prioritize `critical` and `high` findings first. 3. Rotate real credentials and remove exposed values. 4. Update `.env.example` and `.gitignore` as needed. 5. Add or tighten pre-commit/CI secret scanning gates. --- ## Reference Docs - `references/validation-detection-rotation.md` - `references/secret-patterns.md` --- ## Common Pitfalls - Committing real values in `.env.example` - Rotating one system but missing downstream consumers - Logging secrets during debugging or incident response - Treating suspected leaks as low urgency without validation ## Best Practices 1. Use a secret manager as the production source of truth. 2. Keep dev env files local and gitignored. 3. Enforce detection in CI before merge. 4. Re-test application paths immediately after credential rotation.
Related Skills
vault-secrets-integrator
Vault Secrets Integrator - Auto-activating skill for DevOps Advanced. Triggers on: vault secrets integrator, vault secrets integrator Part of the DevOps Advanced skill category.
terraform-state-manager
Terraform State Manager - Auto-activating skill for DevOps Advanced. Triggers on: terraform state manager, terraform state manager Part of the DevOps Advanced skill category.
ssh-key-manager
Ssh Key Manager - Auto-activating skill for DevOps Basics. Triggers on: ssh key manager, ssh key manager Part of the DevOps Basics skill category.
service-account-manager
Service Account Manager - Auto-activating skill for GCP Skills. Triggers on: service account manager, service account manager Part of the GCP Skills skill category.
integrating-secrets-managers
This skill enables Claude to seamlessly integrate with various secrets managers like HashiCorp Vault and AWS Secrets Manager. It generates configurations and setup code, ensuring best practices for secure credential management. Use this skill when you need to manage sensitive information, generate production-ready configurations, or implement a security-first approach for your DevOps infrastructure. Trigger terms include "integrate secrets manager", "configure Vault", "AWS Secrets Manager setup", "manage credentials securely", or requests for secure configuration generation.
route53-record-manager
Route53 Record Manager - Auto-activating skill for AWS Skills. Triggers on: route53 record manager, route53 record manager Part of the AWS Skills skill category.
redis-cache-manager
Redis Cache Manager - Auto-activating skill for Backend Development. Triggers on: redis cache manager, redis cache manager Part of the Backend Development skill category.
package-json-manager
Package Json Manager - Auto-activating skill for DevOps Basics. Triggers on: package json manager, package json manager Part of the DevOps Basics skill category.
nginx-ingress-manager
Nginx Ingress Manager - Auto-activating skill for DevOps Advanced. Triggers on: nginx ingress manager, nginx ingress manager Part of the DevOps Advanced skill category.
model-versioning-manager
Model Versioning Manager - Auto-activating skill for ML Deployment. Triggers on: model versioning manager, model versioning manager Part of the ML Deployment skill category.
model-registry-manager
Model Registry Manager - Auto-activating skill for ML Deployment. Triggers on: model registry manager, model registry manager Part of the ML Deployment skill category.
model-checkpoint-manager
Model Checkpoint Manager - Auto-activating skill for ML Training. Triggers on: model checkpoint manager, model checkpoint manager Part of the ML Training skill category.