← 返回 Skills 市场

Env Config Manager

Name: Env Config Manager
Author: kaiyuelv

作者 Lv Lancer · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install env-config-manager

功能描述

Manage environment configs with loading, switching, encryption, key rotation, validation, and team-safe secret sharing for .env, YAML, and JSON files.

使用说明 (SKILL.md)

env-config-manager - 环境配置管理器

Metadata

Field	Value
Name	env-config-manager
Slug	env-config-manager
Version	1.0.0
Homepage	https://github.com/openclaw/env-config-manager
Category	development
Tags	env, config, dotenv, secrets, yaml, json, encryption, variables

Description

English

A comprehensive environment configuration manager for handling .env files, YAML/JSON configs, secret encryption, and multi-environment switching. Supports key rotation, variable validation, and team-safe secret sharing.

中文

环境配置管理器，用于管理 .env 文件、YAML/JSON 配置、密钥加密和多环境切换。支持密钥轮换、变量验证和团队安全共享。

Requirements

Python 3.8+
python-dotenv >= 1.0.0
PyYAML >= 6.0
cryptography >= 41.0.0
click >= 8.0.0

Configuration

Environment Variables

ENV_MANAGER_KEY=your-master-encryption-key
ENV_MANAGER_ENV=development

Usage

Load and Switch Environments

from env_config_manager import EnvManager

# Load .env file
env = EnvManager.load(".env")

# Switch to production config
env.switch("production")

# Get variable with fallback
db_url = env.get("DATABASE_URL", default="sqlite:///default.db")

Encrypt Secrets

from env_config_manager import SecretVault

vault = SecretVault(key="your-master-key")
encrypted = vault.encrypt("super-secret-api-key")
# Store encrypted in .env: API_KEY=ENC(vault,encrypted_value)

decrypted = vault.decrypt(encrypted)

Validate Configuration

from env_config_manager import ConfigValidator

schema = {
    "DATABASE_URL": {"required": True, "type": "url"},
    "PORT": {"required": True, "type": "int", "min": 1024, "max": 65535},
    "DEBUG": {"required": False, "type": "bool", "default": False}
}

validator = ConfigValidator(schema)
errors = validator.validate(env)

API Reference

EnvManager

load(path) - Load environment from file
switch(env_name) - Switch to named environment
get(key, default=None) - Get variable value
set(key, value) - Set variable
save(path) - Save current state to file
diff(other_env) - Compare two environments

SecretVault

encrypt(plaintext) - Encrypt a secret
decrypt(ciphertext) - Decrypt a secret
rotate_key(new_key) - Re-encrypt with new key

ConfigValidator

validate(env) - Validate environment against schema
add_rule(key, rule) - Add validation rule

Examples

See examples/ directory for complete examples.

Testing

cd /root/.openclaw/workspace/skills/env-config-manager
python -m pytest tests/ -v

License

MIT License

安全使用建议

The package documentation promises secret encryption, key rotation and YAML/JSON handling, but the actual code only implements basic .env file operations and validation. Do not supply any real encryption keys, API keys, or production secrets to this skill. If you need the advertised features, ask the author or inspect the repository for the missing implementation of SecretVault/EnvManager classes and the encryption code. If you plan to use it, run the bundled tests locally, review scripts/env_manager.py line-by-line, and consider running it in an isolated environment until you confirm it does what the docs claim. If you require true encrypted secret handling, prefer a well-audited tool or confirm that encryption is actually implemented and properly reviewed before storing production secrets.

功能分析

Type: OpenClaw Skill Name: env-config-manager Version: 1.0.0 The skill bundle provides basic environment variable management functionality, including loading, saving, switching, and validating .env files. While there is a significant discrepancy between the documentation (SKILL.md/README.md), which claims to support AES-256 encryption and an object-oriented API, and the actual implementation (scripts/env_manager.py), which is a simple functional wrapper around python-dotenv, the code itself is safe. It performs local file operations consistent with its stated purpose and contains no evidence of malicious intent, data exfiltration, or unauthorized execution.

能力标签

requires-sensitive-credentials

能力评估

⚠ Purpose & Capability

The skill's description and SKILL.md claim features (SecretVault, AES-256-GCM encryption, key rotation, YAML/JSON management, team-safe sharing) that are not implemented in scripts/env_manager.py. The code exposes functions for load/save/switch/get/set/validate/diff for dotenv files only. This mismatch indicates the skill does not actually provide several of the capabilities it advertises.

⚠ Instruction Scope

SKILL.md and README reference environment variables (ENV_MANAGER_KEY, ENV_MANAGER_ENV) and high-level classes (EnvManager, SecretVault, ConfigValidator) that the runtime code does not define. SKILL.md also suggests running tests in a hard-coded workspace path (/root/.openclaw/...), which is a minor oddity but likely just an example. The instructions do not direct network calls or reading unrelated system paths, but they do mention secrets-related environment variables that are not declared in registry metadata.

ℹ Install Mechanism

No install spec is provided (instruction-only), and the package includes requirements.txt suggesting installation via pip. The requirements include cryptography and PyYAML even though the implementation doesn't use cryptography for encryption and only imports yaml without leveraging YAML features. This is disproportionate but not an active install-time red flag (no external downloads or extract steps).

⚠ Credentials

Registry metadata lists no required environment variables but SKILL.md documents ENV_MANAGER_KEY and ENV_MANAGER_ENV as configuration. ENV_MANAGER_KEY would be a sensitive secret if used; the fact it is documented but not declared and not actually used in the code is inconsistent. Requesting a master encryption key would be reasonable for an encryption feature, but here it's unimplemented — avoid providing such secrets to this skill until functionality is confirmed.

✓ Persistence & Privilege

The skill does not request elevated persistence (always is false) and uses normal agent invocation defaults. It does not modify other skills or system-wide settings in the included code. No additional privilege concerns detected.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install env-config-manager
安装完成后，直接呼叫该 Skill 的名称或使用 /env-config-manager 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

env-config-manager 1.0.0 – Initial release - Provides environment config management for `.env`, YAML, and JSON files. - Supports secret encryption, key rotation, and team-safe secret sharing. - Allows multi-environment switching and variable validation. - Includes Python API: EnvManager, SecretVault, and ConfigValidator classes. - Compatible with Python 3.8+; see SKILL.md for requirements and usage.

元数据

Slug env-config-manager

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题