env-secrets-manager

# Env & Secrets Manager **Tier:** POWERFUL **Category:** Engineering **Domain:** Security / DevOps / Configuration Management --- ## Overview Manage environment-variable hygiene and secrets safety across local development and production workflows. This skill focuses on practical auditing, drift awareness, and rotation readiness. ## Core Capabilities - `.env` and `.env.example` lifecycle guidance - Secret leak detection for repository working trees - Severity-based findings for likely credentials - Operational pointers for rotation and containment - Integration-ready outputs for CI checks --- ## When to Use - Before pushing commits that touched env/config files - During security audits and incident triage - When onboarding contributors who need safe env conventions - When validating that no obvious secrets are hardcoded --- ## Quick Start ```bash # Scan a repository for likely secret leaks python3 scripts/env_auditor.py /path/to/repo # JSON output for CI pipelines python3 scripts/env_auditor.py /path/to/repo --json ``` --- ## Recommended Workflow 1. Run `scripts/env_auditor.py` on the repository root. 2. Prioritize `critical` and `high` findings first. 3. Rotate real credentials and remove exposed values. 4. Update `.env.example` and `.gitignore` as needed. 5. Add or tighten pre-commit/CI secret scanning gates. --- ## Reference Docs - `references/validation-detection-rotation.md` - `references/secret-patterns.md` --- ## Common Pitfalls - Committing real v...