← Back to Skills Marketplace
Env Alias Audit
by
Daniel Lummis
· GitHub ↗
· v1.0.0
261
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install env-alias-audit
Description
Audit .env alias groups for missing required config, conflicting values, and canonical-key drift before deploy.
README (SKILL.md)
Env Alias Audit
Use this skill to catch environment-variable alias drift before runtime failures.
What this skill does
- Parses env vars from
.env-style files - Evaluates canonical key + alias groups (built-in defaults or custom spec)
- Flags missing required groups
- Detects conflicting values across aliases in the same group
- Reports alias-only usage where canonical keys are absent
Inputs
Optional:
ENV_FILE(default:.env)ALIAS_SPEC_FILE(default: built-in alias groups)REQUIRED_GROUPS(comma-separated canonical keys that must resolve)AUDIT_MODE(reportorstrict, default:strict)
Run
Use built-in alias groups:
ENV_FILE=.env \
REQUIRED_GROUPS=DATABASE_URL,STRIPE_API_KEY \
bash skills/env-alias-audit/scripts/audit-env-aliases.sh
Use custom alias spec:
ENV_FILE=.env.production \
ALIAS_SPEC_FILE=skills/env-alias-audit/fixtures/alias-spec.sample \
AUDIT_MODE=report \
bash skills/env-alias-audit/scripts/audit-env-aliases.sh
Run against fixtures:
ENV_FILE=skills/env-alias-audit/fixtures/.env.conflict \
REQUIRED_GROUPS=DATABASE_URL,STRIPE_API_KEY \
bash skills/env-alias-audit/scripts/audit-env-aliases.sh
Alias spec format
ALIAS_SPEC_FILE accepts one group per line:
CANONICAL_KEY=ALIAS_ONE,ALIAS_TWO
- Comments and blank lines are ignored
- Canonical key is always part of the checked group
Output contract
- Exit
0when no strict failures are found - Exit
1on invalid input, missing required groups (strict), or conflicting alias values - Prints per-group status (
OK,WARN,FAIL) plus a summary
Usage Guidance
This skill appears to do exactly what it says: audit .env alias groups for missing or conflicting values. Before installing/running it, ensure you: 1) run it in a controlled environment (so snippets of secret values printed by the script won't leak to shared logs), 2) review any ALIAS_SPEC_FILE you point it at to confirm it's local and trusted, and 3) if you want stricter secrecy, modify the script's printing (short()) to fully redact values in logs. No network access or unrelated credentials are requested by the skill.
Capability Analysis
Type: OpenClaw Skill
Name: env-alias-audit
Version: 1.0.0
The skill is a utility for auditing environment variable files (.env) to detect conflicting values or missing required keys across alias groups. The core logic in scripts/audit-env-aliases.sh (Python via Bash) parses local files and reports status to the console without any network activity, data exfiltration, or suspicious execution patterns.
Capability Assessment
Purpose & Capability
The name/description match the implementation: the script parses .env-style files, evaluates canonical/alias groups, checks required groups, and reports conflicts. Required binaries (bash, python3) are exactly what's needed to run the provided wrapper script and embedded Python logic.
Instruction Scope
SKILL.md instructs running the included script against a specified ENV_FILE and optional ALIAS_SPEC_FILE. The script only reads the given files, validates alias groups, and prints status; it does not call external network endpoints, spawn unexpected commands, or read unrelated system files.
Install Mechanism
There is no install spec and no external downloads. This is an instruction-only skill with a bundled script, so nothing is fetched from third-party URLs or installed system-wide.
Credentials
The skill requests no credentials or special env vars beyond optional inputs (ENV_FILE, ALIAS_SPEC_FILE, REQUIRED_GROUPS, AUDIT_MODE). However, it will read the target env file (which may contain secrets) and prints short previews of values (truncating longer values). If you run this against production .env files, those value snippets may appear in logs or console output—consider running in a safe environment or modifying the script to redact outputs more aggressively.
Persistence & Privilege
The skill does not request permanent presence (always:false), does not modify other skills, and does not write persistent system configuration. It only reads specified files and exits with appropriate status codes.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install env-alias-audit - After installation, invoke the skill by name or use
/env-alias-audit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of env-alias-audit.
- Audits .env files for missing required config, conflicting alias values, and canonical-key drift.
- Supports built-in or custom alias group specifications.
- Flags missing required groups and reports alias-only usage without the canonical key.
- Configurable via environment variables for env file, alias spec, required groups, and audit mode.
- Provides clear output with per-group status and summary; exits nonzero on failures in strict mode.
Metadata
Frequently Asked Questions
What is Env Alias Audit?
Audit .env alias groups for missing required config, conflicting values, and canonical-key drift before deploy. It is an AI Agent Skill for Claude Code / OpenClaw, with 261 downloads so far.
How do I install Env Alias Audit?
Run "/install env-alias-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Env Alias Audit free?
Yes, Env Alias Audit is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Env Alias Audit support?
Env Alias Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Env Alias Audit?
It is built and maintained by Daniel Lummis (@daniellummis); the current version is v1.0.0.
More Skills