fratua

Env Setup

Author: Fratua · GitHub ↗ · v1.0.0
cross-platform ✓ Security check passed
Total downloads: 747
Favorites: 0
Current installs: 3
Versions: 1
Install in OpenClaw
/install env-setup
Description
Scan codebase for environment variables, generate .env.example, validate .env, and ensure .gitignore safety
Usage instructions (SKILL.md)

env-setup — Environment Variable Manager

Scan your codebase for all referenced environment variables, generate .env.example, validate your current .env, and ensure secrets aren't committed.

Steps

1. Scan Codebase for Environment Variables

Search for env var references across all common patterns:

# Node.js / JavaScript / TypeScript
grep -rn "process\.env\.\w\+" --include="*.js" --include="*.ts" --include="*.jsx" --include="*.tsx" . | grep -v node_modules | grep -v dist

# Python
grep -rn "os\.environ\|os\.getenv\|environ\.get" --include="*.py" . | grep -v __pycache__ | grep -v .venv

# Rust
grep -rn "env::var\|env::var_os\|dotenv" --include="*.rs" . | grep -v target

# Go
grep -rn "os\.Getenv\|os\.LookupEnv\|viper\." --include="*.go" . | grep -v vendor

# Docker / docker-compose
grep -rn "\${.*}" --include="*.yml" --include="*.yaml" docker-compose* 2>/dev/null

# General .env references in config files
grep -rn "env\." --include="*.toml" --include="*.yaml" --include="*.yml" . 2>/dev/null

Windows PowerShell alternative:

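# -Exclude only matches leaf names during recursion, so filter directories on the full path instead
Get-ChildItem -Recurse -File -Include *.js,*.ts,*.jsx,*.tsx | Where-Object { $_.FullName -notmatch '[\\/](node_modules|dist)[\\/]' } | Select-String "process\.env\.\w+"
Get-ChildItem -Recurse -File -Include *.py | Where-Object { $_.FullName -notmatch '[\\/](__pycache__|\.venv)[\\/]' } | Select-String "os\.environ|os\.getenv"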

2. Extract Variable Names

Parse grep output to extract unique variable names:

  • process.env.DATABASE_URL → DATABASE_URL
  • os.environ.get("SECRET_KEY", "default") → SECRET_KEY (default: default)
  • os.getenv("API_KEY") → API_KEY
  • env::var("RUST_LOG") → RUST_LOG

Deduplicate and sort alphabetically. Note which file and line each var is referenced in.

3. Classify Variables

Categorize each variable:

| Category | Pattern | Examples |
|----------|---------|----------|
| 🔴 Secrets | *KEY*, *SECRET*, *TOKEN*, *PASSWORD*, *CREDENTIAL* | API_KEY, JWT_SECRET |
| 🟡 Service URLs | *URL*, *HOST*, *ENDPOINT*, *URI* | DATABASE_URL, REDIS_HOST |
| 🟢 Configuration | *PORT*, *ENV*, *MODE*, *LEVEL*, *DEBUG* | PORT, NODE_ENV, LOG_LEVEL |
| ⚪ Other | Everything else | APP_NAME, MAX_RETRIES |
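
Steps 2 and 3 as an added example (not part of the original SKILL.md): it parses `grep -rn` output, extracts variable names and defaults, and applies the category table with the secret patterns checked first. The function names, category labels and sample lines are assumptions made for illustration.

```python
import re

# One regex per reference style from step 2; group 1 is the variable name,
# group 2 (Python only) is a quoted default value if the call supplies one.
PATTERNS = [
    re.compile(r"process\.env\.([A-Za-z_]\w*)"),
    re.compile(r"""(?:environ\.get|os\.getenv)\(\s*["'](\w+)["']"""
               r"""(?:\s*,\s*["']([^"']*)["'])?"""),
    re.compile(r"""env::var(?:_os)?\(\s*"(\w+)"\s*\)"""),
]

# Step 3 table, checked top-down so a secret pattern always wins.
CATEGORIES = [
    ("secret", ("KEY", "SECRET", "TOKEN", "PASSWORD", "CREDENTIAL")),
    ("service_url", ("URL", "HOST", "ENDPOINT", "URI")),
    ("config", ("PORT", "ENV", "MODE", "LEVEL", "DEBUG")),
]

def classify(name):
    upper = name.upper()
    for category, needles in CATEGORIES:
        if any(n in upper for n in needles):
            return category
    return "other"

def extract(grep_lines):
    """Parse `grep -rn` output ("path:lineno:text") into a sorted dict of
    {name: {"refs": [...], "default": str or None, "category": str}}."""
    found = {}
    for raw in grep_lines:
        path, lineno, text = raw.split(":", 2)
        for pat in PATTERNS:
            for m in pat.finditer(text):
                name = m.group(1)
                entry = found.setdefault(
                    name, {"refs": [], "default": None, "category": classify(name)})
                entry["refs"].append(f"{path}:{lineno}")
                if pat.groups > 1 and m.group(2) is not None:
                    entry["default"] = m.group(2)
    return dict(sorted(found.items()))

# Constructed sample input in the shape the step 1 grep commands print.
SAMPLE = [
    "./src/db.js:3:const url = process.env.DATABASE_URL;",
    './app/settings.py:7:SECRET = os.environ.get("SECRET_KEY", "default")',
    './app/client.py:12:key = os.getenv("API_KEY")',
    './src/main.rs:5:let lvl = env::var("RUST_LOG").unwrap();',
    "./src/cache.js:9:connect(process.env.DATABASE_URL, process.env.PORT);",
]
```

Because the table's patterns are substring matches, a name such as KEYBOARD_LAYOUT is classified as a secret; over-flagging is the safe direction for this report.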

4. Generate .env.example

Create .env.example with descriptions, categories, and safe defaults:

# ============================================
# Environment Configuration
# Generated by env-setup skill
# ============================================

# --- App Configuration ---
NODE_ENV=development
PORT=3000
LOG_LEVEL=info

# --- Database ---
DATABASE_URL=postgresql://user:password@localhost:5432/dbname

# --- Authentication (🔴 SECRET — never commit real values) ---
JWT_SECRET=change-me-in-production
API_KEY=your-api-key-here

# --- External Services ---
REDIS_URL=redis://localhost:6379

Rules:

  • Secrets get placeholder values (change-me, your-xxx-here)
  • Config vars get sensible defaults
  • Group by category with comment headers
  • Add 🔴 SECRET warning on sensitive vars

5. Validate Current .env

If .env exists, compare against discovered variables:

## .env Validation Report

### ❌ Missing (required by code but not in .env)
- `STRIPE_SECRET_KEY` — referenced in src/billing.ts:14
- `SMTP_PASSWORD` — referenced in src/email.ts:8

### ⚠️ Unused (in .env but not referenced in code)
- `OLD_API_ENDPOINT` — may be safe to remove

### ✅ Present and referenced
- `DATABASE_URL` ✓
- `PORT` ✓
- `NODE_ENV` ✓
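
The comparison in step 5 as an added example, not code from the skill: it parses a .env file, records lines that do not match KEY=value, and reports missing, unused and present names without echoing any value. It goes slightly beyond the step by also flagging variables still set to the step 4 placeholders; the function names and the sample file are constructed.

```python
import re

# KEY=value with an optional "export " prefix.
LINE_RE = re.compile(r"^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=(.*)$")
# Placeholder shapes from the step 4 rules (change-me, your-xxx-here).
PLACEHOLDER_RE = re.compile(r"^(change-me.*|your-.*-here)$", re.I)

def parse_env(text):
    """Return (values, syntax_errors); errors are 1-based line numbers."""
    values, errors = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        m = LINE_RE.match(stripped)
        if m:
            values[m.group(1)] = m.group(2).strip().strip("'\"")
        else:
            errors.append(n)
    return values, errors

def validate(env_text, referenced):
    """Compare .env contents with the names found by the code scan.
    The report holds names and line numbers only, never secret values."""
    values, errors = parse_env(env_text)
    referenced = set(referenced)
    return {
        "missing": sorted(referenced - set(values)),
        "unused": sorted(set(values) - referenced),
        "present": sorted(referenced & set(values)),
        "placeholder": sorted(k for k, v in values.items()
                              if k in referenced
                              and (not v or PLACEHOLDER_RE.match(v))),
        "syntax_errors": errors,
    }

# Constructed sample .env and scan result.
SAMPLE_ENV = """\
# constructed sample .env
DATABASE_URL=postgresql://user:password@localhost:5432/dbname
PORT=3000
NODE_ENV=development
JWT_SECRET=change-me-in-production
OLD_API_ENDPOINT=https://old.example.invalid
this line is not valid
"""
SAMPLE_REFS = {"DATABASE_URL", "PORT", "NODE_ENV", "JWT_SECRET",
               "STRIPE_SECRET_KEY", "SMTP_PASSWORD"}
```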

6. Ensure .gitignore Safety

Check that .env is in .gitignore:

grep -q "^\.env$\|^\.env\.\*" .gitignore 2>/dev/null

If not found, offer to add:

# Environment files
.env
.env.local
.env.*.local

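Also check git history for accidentally committed .env files, because adding a path to .gitignore does not untrack or remove a file that has already been committed: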

git log --all --diff-filter=A -- .env .env.local .env.production 2>/dev/null

If found, warn the user that secrets may be in git history and suggest git filter-branch or BFG Repo-Cleaner.
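
An added example (not from the original SKILL.md) that asks git directly instead of grepping .gitignore: `git check-ignore` evaluates every ignore rule, so a pattern such as `.env*` that the grep above does not match is still recognised, and `git ls-files` reveals a file that is ignored on paper but already tracked. The helper names are assumptions, and git must be on PATH.

```python
import subprocess

def git(repo, *args):
    """Run git inside `repo`; return (exit code, stdout)."""
    p = subprocess.run(["git", "-C", repo, *args],
                       capture_output=True, text=True)
    return p.returncode, p.stdout.strip()

def env_file_status(repo, path=".env"):
    """Report whether `path` is covered by ignore rules and whether it is tracked."""
    # --no-index evaluates the ignore rules even if the file is already tracked.
    ignored = git(repo, "check-ignore", "-q", "--no-index", path)[0] == 0
    # ls-files --error-unmatch exits non-zero when the path is not in the index.
    tracked = git(repo, "ls-files", "--error-unmatch", "--", path)[0] == 0
    if tracked:
        verdict = "tracked: ignore rules have no effect until it leaves the index"
    elif ignored:
        verdict = "ok"
    else:
        verdict = "not ignored"
    return {"ignored": ignored, "tracked": tracked, "verdict": verdict}

if __name__ == "__main__":
    print(env_file_status("."))
```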

7. Output Summary

# Environment Variable Report
| Metric | Count |
|--------|-------|
| Total vars found | 15 |
| 🔴 Secrets | 4 |
| ❌ Missing from .env | 2 |
| ⚠️ Unused in .env | 1 |
| ✅ Properly configured | 12 |
| .gitignore protection | ✅ |

Edge Cases

  • Framework-specific env: Next.js uses NEXT_PUBLIC_* (client-exposed); flag these distinctly
  • Docker env: Check docker-compose.yml environment: section too
  • Multiple .env files: .env.development, .env.production, .env.test — validate all
  • No .env exists: Generate both .env.example and a starter .env
  • Interpolated vars: ${VAR:-default} in shell scripts — extract VAR

Error Handling

| Error | Resolution |
|-------|------------|
| No env vars found | Project may not use env vars — confirm with user |
| .env has syntax errors | Flag lines that don't match KEY=value pattern |
| Binary files in scan | Exclude with --binary-files=without-match |
| Permission denied on .env | Check file permissions; may need elevated access |

Built by Clawb (SOVEREIGN) — more skills at [coming soon]

Security usage recommendations
This skill is coherent with its purpose, but be cautious before applying changes: review the discovered variable list and validation report before writing or committing files. The skill's commands will read your entire repository and may suggest edits (adding .env to .gitignore, creating .env.example, or noting secrets in git history). Do not blindly run history-cleaning advice—back up the repo and follow established secret-removal procedures (rotate exposed credentials, use BFG or recommended workflows). Limit the agent's write permissions to only the repository you want scanned, and review the generated .env.example and any proposed git commits before pushing. If you need stronger secret-detection or automated history rewriting, consider dedicated vetted tools for that purpose.
Functional analysis
Type: OpenClaw Skill
Name: env-setup
Version: 1.0.0

The 'env-setup' skill is designed to scan code for environment variables, generate `.env.example` files, validate existing `.env` configurations, and ensure `.gitignore` safety. All commands and instructions in `SKILL.md` (e.g., `grep`, `git log`) are directly related to these stated purposes. While the skill interacts with the file system (reading code, `.env` files, git history, and potentially writing `.env.example` and modifying `.gitignore`), these actions are necessary for its functionality and are not used for exfiltration, unauthorized execution, or persistence. There is no evidence of malicious prompt injection, data exfiltration, or other harmful intent.
Capability assessment
Purpose & Capability
Name and description (scan for env vars, generate .env.example, validate .env, check .gitignore) match the instructions. There are no unrelated credentials, binaries, or install steps requested.
Instruction Scope
SKILL.md contains explicit grep/git commands and parsing guidance that stay within repo-scanning, classification, and file-editing tasks the skill claims. It does suggest modifying .gitignore and creating .env.example (expected for this purpose). It correctly warns about checking git history for accidental commits; these operations require repository read/write access but are coherent with the stated task.
Install Mechanism
No install spec and no code files—instruction-only. This lowers risk because nothing is written to disk by the skill itself beyond any edits the user/agent chooses to perform.
Credentials
Requires no environment variables, credentials, or config paths. The variables it intends to detect are limited to code references and .env files, which is proportionate to its purpose.
Persistence & Privilege
always is false and the skill does not request persistent system presence or modifications to other skills. It may suggest editing repository files (e.g., .gitignore, .env.example) which is appropriate but requires user consent/permission.
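How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the dialog box: /install env-setup
  3. Once installation completes, invoke the Skill by name or trigger it with /env-setup
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history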
v1.0.0
Initial release — scan, document, and safeguard environment variables in your codebase.
  • Scans codebase for referenced environment variables in major languages and config files.
  • Automatically generates a categorized `.env.example` with comments, safe defaults, and secret warnings.
  • Validates your existing `.env` for missing, unused, or misconfigured variables.
  • Ensures `.env` files are safely listed in `.gitignore` and checks history for accidental commits.
  • Summarizes findings in a clear report with actionable steps.
Metadata
Slug env-setup
Version 1.0.0
License
Total installs 3
Current installs 3
Number of versions 1
FAQ

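What is Env Setup?

Scan codebase for environment variables, generate .env.example, validate .env, and ensure .gitignore safety. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 747 total downloads to date.

How do I install Env Setup?

Run the command "/install env-setup" in the OpenClaw or Claude Code dialog box to install it in one step; no additional configuration is required.

Is Env Setup free?

Yes, Env Setup is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Env Setup support?

Env Setup runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Env Setup?

It is developed and maintained by Fratua (@fratua); the current version is v1.0.0.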
