What files are generated?

.env.example, .env.development, .env.production, and updates to .gitignore are created or appended.

Does this store or expose secrets?

No. It generates placeholders and comments, never saving real secrets or integrating with external secret managers.

How does it protect secrets in git?

It appends standard secret patterns to .gitignore using the provided template, preventing accidental commits.

ln-733-env-configurator

Scanned

npx machina-cli add skill levnikolaevich/claude-code-skills/ln-733-env-configurator --openclaw

Files (1)

SKILL.md

5.3 KB

Paths: File paths (shared/, references/, ../ln-*) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root.

ln-733-env-configurator

Type: L3 Worker Category: 7XX Project Bootstrap Parent: ln-730-devops-setup

Configures environment variables for development and production environments.

Purpose & Scope

Creates environment configuration files:

Does: Generate .env files, update .gitignore for secrets protection
Does NOT: Store secrets, manage external secrets managers, configure CI/CD secrets

Inputs

Input	Source	Description
Project Name	Directory name	Used for database/service naming
Backend Port	Stack-dependent	5000 (.NET), 8000 (Python)
Frontend Port	Default	3000
Database Port	Default	5432
Detected Vars	Code analysis	Environment variables found in code

Outputs

File	Purpose	Template
`.env.example`	Documented template	env_example.template
`.env.development`	Local development defaults	env_development.template
`.env.production`	Production placeholders	env_production.template
`.gitignore` (append)	Secrets protection	gitignore_secrets.template

Workflow

Phase 1: Environment Discovery

Scan project for existing environment usage:

Check for existing .env files
Search code for process.env, os.environ, Configuration[]
Identify which variables are secrets vs configuration

Output: List of required environment variables with types

Phase 2: Variable Classification

Classify discovered variables:

Category	Examples	Treatment
Database	DATABASE_URL, POSTGRES_*	Auto-generate with project name
API Config	API_PORT, LOG_LEVEL	Use detected or defaults
Security	JWT_SECRET, API_KEY	Placeholder with warning
External	REDIS_URL, SMTP_*	Comment out as optional

Phase 3: Template Generation

Generate environment files from templates:

Apply variable substitution
Include all discovered variables
Add comments for undocumented variables

Phase 4: Gitignore Update

Append secrets protection to .gitignore:

Read existing .gitignore (if exists)
Check if secrets patterns already present
Append missing patterns from template
Preserve existing entries

Generated File Structure

.env.example

Documented template with all variables:

Section headers (Database, Backend, Frontend, Security, External)
Descriptive comments for each variable
Safe placeholder values (never real secrets)
Optional variables commented out

.env.development

Ready-to-use development configuration:

Pre-filled values that work with docker-compose
Development-only secrets (clearly marked)
Debug-level logging enabled

.env.production

Production placeholder file:

${VARIABLE} syntax for deployment substitution
Comments indicating required secrets
Production-appropriate defaults (Warning log level)

Security Best Practices

Practice	Implementation
No real secrets	Placeholder values only in templates
Gitignore protection	All .env files except .env.example
Development warnings	Mark dev secrets as insecure
Production guidance	Comments about secrets manager usage
Key rotation reminder	Note about regular secret rotation

Security Notes

Generated files include these security reminders:

Never commit real secrets - .gitignore prevents accidental commits
Use secrets manager - GitHub Secrets, AWS Secrets Manager for production
Rotate secrets regularly - Especially JWT secrets
Strong JWT secrets - Minimum 256 bits (32 bytes)
Restrict CORS - Only allow necessary origins in production

Quality Criteria

Generated files must:

.env.example contains all required variables
No real secrets or passwords in any file
.gitignore updated with secrets patterns
.env.development works with docker-compose
.env.production uses placeholder syntax

Critical Notes

Template-based: Use templates from references/. Do NOT hardcode file contents.
Idempotent: Check file existence. Append to .gitignore, don't overwrite.
No Real Secrets: Never generate files with actual passwords or API keys.
Development Safety: Development defaults should work out-of-box with docker-compose.

Reference Files

File	Purpose
env_example.template	Documented .env template
env_development.template	Development defaults
env_production.template	Production placeholders
gitignore_secrets.template	.gitignore additions

Version: 1.1.0 Last Updated: 2026-01-10

Source

git clone https://github.com/levnikolaevich/claude-code-skills/blob/master/ln-733-env-configurator/SKILL.mdView on GitHub

Overview

ln-733-env-configurator automates environment setup for development and production. It scans the codebase for env usage, classifies variables into Database, API Config, Security, and External categories, and generates .env templates. It also updates .gitignore to protect secrets and explicitly does not store secrets or manage external secret managers.

How This Skill Works

The tool discovers environment usage across the project, then generates template files and applies variable substitutions for discovered vars. It produces .env.example, .env.development, and .env.production, and appends secret patterns to .gitignore using a dedicated template. It does not retrieve or store actual secrets, keeping them out of the repo.

When to Use It

Bootstrapping a new project and wiring up standard environment templates for development and production.
Adding environment variable discovery to an existing repo to surface required vars.
Preparing production-ready placeholders and gitignore rules before deployment.
Enforcing secrets protection by updating or creating a .gitignore with standard patterns.
Synchronizing env config across a multi-service or monorepo to ensure consistency.

Quick Start

Step 1: Run the skill from the repo root to begin discovery.
Step 2: Review the generated .env.example and .env.* files; adjust placeholders if needed.
Step 3: Commit the changes and push to your repo; ensure secrets remain protected in .gitignore.

Best Practices

Never store real secrets in templates; use placeholders.
Verify .gitignore updates actually cover all env files.
Review undocumented variables and add clear comments in templates.
Keep default values aligned with your docker-compose or deployment environment.
Rotate secrets regularly and document where to configure them in your prod setup.

Example Use Cases

Node/Express API with React frontend using .env.* files and a shared/ config.
Python Flask app with DATABASE_URL and API keys surfaced from code.
.NET Core microservices relying on DATABASE_URL, API_PORT, and JWT_SECRET placeholders.
Monorepo with multiple services sharing env vars via a central .env.* strategy.
Docker Compose-based deployment using env templates for development and production.

Frequently Asked Questions

Add this skill to your agents