338 Downloads · 0 Stars · 0 Active Installs · 2 Versions
Install in OpenClaw
/install env-secure-manager
Description
Secure environment variable & secret management with AES-256 encryption, auto-redaction and permission control, to prevent credential leakage
README (SKILL.md)
🔐 Environment Variable Secure Manager
Key highlights
- 🛡️ AES-256 encrypted storage: sensitive values are encrypted automatically, so even if the configuration file leaks, the plaintext keys cannot be recovered
- 🚫 Automatic redaction: sensitive values in output are detected and masked automatically, preventing keys from leaking into logs or chat history
- 🔑 Permission control: reading a sensitive value requires explicit authorization, avoiding accidental exposure
- 🔄 Automatic key generation: a secure key is generated on first use; custom keys are also supported
🎯 Use cases
- Managing API keys, database passwords and other sensitive values
- Preventing sensitive values from leaking into logs, output or session history
- Bulk-loading environment variables and managing configuration in one place
- Sharing configuration securely across multiple agents
📝 Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| action | string | yes | Operation: init/set/get/list/delete/redact/loadFromEnv |
| key | string | no | Required for set/get/delete; the variable name, uppercase letters and underscores |
| value | string | no | Required for set; the value to store |
| isSecret | boolean | no | Optional for set; whether the value is sensitive, default false |
| allowSecret | boolean | no | Optional for get; whether a sensitive value may be returned, default false |
| text | string | no | Required for redact; the text to redact |
| prefix | string | no | Optional for loadFromEnv; environment variable prefix, default OPENCLAW_ |
| encryptionKey | string | no | Optional for init; custom 32-character encryption key |
💡 Ready-to-use examples
Initialization (optional; recommended at startup)
// Use a custom key
await skills.envSecureManager({
action: "init",
encryptionKey: "your-32-character-secure-key"
});
// Auto-generate a key
await skills.envSecureManager({ action: "init" });
Store a sensitive key
await skills.envSecureManager({
action: "set",
key: "OPENAI_API_KEY",
value: "sk-xxx",
isSecret: true
});
Retrieve a key safely
const result = await skills.envSecureManager({
action: "get",
key: "OPENAI_API_KEY",
allowSecret: true // explicit authorization is required to read a sensitive value
});
Automatic output redaction
// Even if a key is accidentally printed in a log, it is redacted automatically
const logText = `Calling the OpenAI API, key is sk-xxx, params are xxx`;
const redacted = await skills.envSecureManager({
action: "redact",
text: logText
});
// Output: Calling the OpenAI API, key is ***REDACTED***, params are xxx
🔧 Implementation notes
- Uses 256-bit AES-GCM, meeting enterprise security standards
- Sensitive values are never stored in plaintext; they are decrypted at runtime
- The redaction mechanism supports replacing multiple values, covering all leakage scenarios
- Lightweight with no dependencies; does not affect agent execution performance
Usage Guidance
This skill is plausibly what it claims to be, but there are a few red flags and bugs you should consider before installing:
- The code reads and writes process environment variables (OPENCLAW_ENV_ENCRYPTION_KEY, and loadFromEnv reads the environment). If you don't want the skill to access your environment, do not enable it.
- The module fetches dependencies from deno.land at runtime — review those remote packages or run in an environment with restricted network access.
- There is a likely implementation bug: loadFromEnv spreads the encrypt() result but doesn't set the stored 'value' field correctly, which can cause runtime errors or unexpected behavior.
- Prefer providing an explicit encryptionKey when initializing rather than relying on auto-generated keys that the skill writes into the process env.
- Test this in an isolated workspace (or with non-production secrets) and review/modify the source if you need stricter guarantees (for example, restrict env access or remove Deno.env.set).
If you want me to, I can point to the exact lines with the bug and propose a corrected code snippet.
Capability Analysis
Type: OpenClaw Skill
Name: env-secure-manager
Version: 1.0.1
The env-secure-manager skill provides legitimate utility for managing sensitive environment variables using AES-256-GCM encryption and automated redaction. The implementation in index.ts uses standard Deno crypto libraries and follows the documented behavior without any evidence of data exfiltration, unauthorized access, or malicious intent.
Capability Assessment
Purpose & Capability
The name and description (AES-256 secret storage, redaction, permissions) align with the included code: the module encrypts/decrypts values, redacts secrets from text, and can load environment variables. However, SKILL.md claims 'lightweight, no dependencies' while the code imports zod and std modules from deno.land; the metadata also declares no required env vars, yet the code reads and writes an OPENCLAW_ENV_ENCRYPTION_KEY environment variable.
Instruction Scope
SKILL.md documents the loadFromEnv, set/get/redact actions, which match the code. But the implementation reads Deno.env.toObject() (iterating the whole process environment) and calls Deno.env.set('OPENCLAW_ENV_ENCRYPTION_KEY', ...) when auto-generating a key. The metadata does not declare that the skill reads or writes environment variables. Reading all env entries (even though it filters by prefix) and writing a process env variable are broader scopes than the registry metadata indicates.
Install Mechanism
No install spec in registry, but the code includes remote imports from deno.land (zod and std modules). Fetching runtime dependencies from deno.land is common for Deno but it means remote code will be downloaded/executed at runtime — moderate supply-chain risk compared to fully local code.
Credentials
The skill declares no required env vars, yet init() will read OPENCLAW_ENV_ENCRYPTION_KEY and may write it to the process environment. loadFromEnv iterates the entire environment (via Deno.env.toObject()) and will import keys with a given prefix. This behavior is proportionate to a secret manager only if callers expect the skill to access process env; but that access is not declared and could expose many environment variables if the prefix is broad or changed.
Persistence & Privilege
The skill does not request 'always:true' and does not modify other skills. It does call Deno.env.set to persist the auto-generated encryption key into the process environment, which changes runtime state and could influence other components. This is not necessarily malicious but is a persistence/side-effect the user should be aware of.
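The README's API (set/get/redact/loadFromEnv) and the loadFromEnv defect noted above (the encrypt() result is spread into the stored entry without the record's value field being set correctly) can both be illustrated with a small manager of the same shape. The TypeScript below is an added example written for this page, not the skill's own index.ts: it uses Node's node:crypto AES-256-GCM rather than Deno's Web Crypto, routes every write (set and loadFromEnv) through one code path so each record has the same layout, and takes the environment as an explicit argument so the manager never reads Deno.env or process.env and never writes an auto-generated key back into it. The class name, record layout, the secret-name pattern and all sample values are assumptions.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";

const REDACTED = "***REDACTED***";

// Assumed record layout: a secret entry carries only ciphertext, nonce and auth tag
// (hex); the plaintext `value` field is used for non-secret entries only.
interface StoredEntry {
  isSecret: boolean;
  value?: string;
  ciphertext?: string;
  iv?: string;
  tag?: string;
}

export class EnvSecureManager {
  private readonly key: Buffer;
  private readonly store = new Map<string, StoredEntry>();

  // AES-256-GCM needs a 32-byte key; one is generated in memory when none is supplied.
  constructor(encryptionKey?: string) {
    this.key = encryptionKey ? Buffer.from(encryptionKey, "utf8") : randomBytes(32);
    if (this.key.length !== 32) throw new Error("encryptionKey must be exactly 32 bytes");
  }

  private encrypt(plaintext: string): Pick<StoredEntry, "ciphertext" | "iv" | "tag"> {
    const iv = randomBytes(12); // fresh 96-bit nonce per value; never reused under one key
    const cipher = createCipheriv("aes-256-gcm", this.key, iv);
    const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
    return { ciphertext: ct.toString("hex"), iv: iv.toString("hex"), tag: cipher.getAuthTag().toString("hex") };
  }

  private decrypt(e: StoredEntry): string {
    const decipher = createDecipheriv("aes-256-gcm", this.key, Buffer.from(e.iv as string, "hex"));
    decipher.setAuthTag(Buffer.from(e.tag as string, "hex")); // final() throws on a tampered record
    return Buffer.concat([decipher.update(Buffer.from(e.ciphertext as string, "hex")), decipher.final()]).toString("utf8");
  }

  // Single write path: set() and loadFromEnv() always produce the same record shape.
  set(key: string, value: string, isSecret = false): void {
    if (!/^[A-Z][A-Z0-9_]*$/.test(key)) throw new Error(`invalid variable name: ${key}`);
    this.store.set(key, isSecret ? { isSecret: true, ...this.encrypt(value) } : { isSecret: false, value });
  }

  // Secrets come back masked unless the caller explicitly passes allowSecret.
  get(key: string, allowSecret = false): string | undefined {
    const e = this.store.get(key);
    if (!e) return undefined;
    if (!e.isSecret) return e.value;
    return allowSecret ? this.decrypt(e) : REDACTED;
  }

  delete(key: string): boolean {
    return this.store.delete(key);
  }

  list(): Array<{ key: string; isSecret: boolean }> {
    return Array.from(this.store.entries()).map(([key, e]) => ({ key, isSecret: e.isSecret }));
  }

  // Multi-value redaction: every stored secret that appears in the text is replaced.
  redact(text: string): string {
    let out = text;
    for (const e of Array.from(this.store.values())) {
      if (!e.isSecret) continue;
      const secret = this.decrypt(e);
      if (secret.length > 0) out = out.split(secret).join(REDACTED);
    }
    return out;
  }

  // The caller hands in the environment (for example a filtered copy of process.env), so the
  // manager itself never touches the process environment. Names matching secretPattern
  // (an assumed heuristic) are stored encrypted; the rest are stored in plaintext.
  loadFromEnv(env: Record<string, string | undefined>, prefix = "OPENCLAW_",
              secretPattern = /(KEY|SECRET|TOKEN|PASSWORD)$/): number {
    let loaded = 0;
    for (const [name, value] of Object.entries(env)) {
      if (!name.startsWith(prefix) || value === undefined) continue;
      this.set(name, value, secretPattern.test(name));
      loaded++;
    }
    return loaded;
  }

  // What would be written to a config file: ciphertext only, so a leaked file yields no secrets.
  serialize(): string {
    return JSON.stringify(Object.fromEntries(Array.from(this.store.entries())));
  }
}
```

Because loadFromEnv delegates to set, an entry imported from the environment is indistinguishable from one created directly, which is the property the spread-without-value bug breaks. Passing the environment in also lets a caller restrict what the manager can see (for example, a copy of process.env filtered to the expected prefix) instead of granting it the whole process environment.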
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install env-secure-manager
- After installation, invoke the skill by name or use /env-secure-manager
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Removed the skill.yaml file.
- Metadata previously in skill.yaml is now moved into SKILL.md for a simplified file structure.
- No changes to features or core documentation content.
v1.0.0
Initial release of env-secure-manager.
- Securely manages environment variables and secrets with AES-256 encryption.
- Auto-redacts sensitive information from outputs to prevent credential leakage.
- Provides permission control: explicit authorization required to access sensitive values.
- Automatically generates encryption keys on first use, with support for custom keys.
- Suitable for managing API keys, passwords, and environment configs in multi-agent setups.
Frequently Asked Questions
What is env-secure-manager?
Secure environment variable & secret management with AES-256 encryption, auto-redaction and permission control, to prevent credential leakage. It is an AI Agent Skill for Claude Code / OpenClaw, with 338 downloads so far.
How do I install env-secure-manager?
Run "/install env-secure-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is env-secure-manager free?
Yes, env-secure-manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does env-secure-manager support?
env-secure-manager is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created env-secure-manager?
It is built and maintained by Ayalili (@ayalili); the current version is v1.0.1.