Does it automatically sanitize application logs?

It provides guidance and code implementation patterns to ensure that tokens and sensitive identifiers are not printed to console or log files.

Is this skill compatible with existing CI/CD workflows?

Yes, it reinforces standard security best practices that align with modern DevOps and CI/CD pipelines for configuration management.

Does this skill help with documentation?

Absolutely. It ensures that whenever a new environment variable is added, a corresponding placeholder is created in the .env.example file for other contributors.

Can it help with frontend security in React or Next.js?

Yes, it specifically detects when secrets are being used in client-side code and suggests moving those operations to secure server-side routes.

How does this skill prevent secret leaks?

It instructs Claude to never commit sensitive keys to version control, emphasizing the use of local .env files and sanitized .env.example templates.

Security Environment Manager

Name: Security Environment Manager
Author: sanmak

bysanmak

•

セキュリティとテスト

Enforces secure handling of environment variables and secrets by preventing credential leaks in code repositories.

The Security Environment skill provides Claude with specialized guardrails for managing sensitive configurations and credentials. It ensures that API keys, database strings, and other secrets are stored exclusively in local environment files while maintaining synchronized example templates for team documentation. By prioritizing server-side variable usage and identifying potential leaks in client-side code, it helps developers maintain high security standards and prevents the accidental exposure of sensitive data to version control.

主な機能

01Promotes secure server-only environment variable patterns

021 GitHub stars

03Enforces strict .env storage for all sensitive credentials

04Guides log sanitization to prevent accidental token leakage

05Identifies and prevents secret exposure in client-side code

06Automates updates to .env.example for better documentation

ユースケース

01Migrating sensitive client-side variables to secure server-side routes

02Standardizing environment documentation for onboarding new developers

03Safely adding new third-party API keys to a project configuration

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sanmak/kritarch-lite security-env

For use in Claude.ai and ChatGPT

Download Skill