Env Secrets Manager
技能 已验证 活跃Env & Secrets Manager
To help developers and security teams maintain environment variable hygiene and secrets safety across development and production workflows through practical auditing and detection.
功能
- Manages .env and .env.example lifecycles
- Detects secret leaks in repository working trees
- Provides severity-based findings for credentials
- Offers operational guidance for rotation and containment
- Generates CI-ready outputs for checks
使用场景
- Before pushing commits that touched env/config files
- During security audits and incident triage
- When onboarding contributors to enforce safe env conventions
- When validating that no obvious secrets are hardcoded
非目标
- Managing production secrets directly (recommends dedicated secret stores)
- Automated rotation of secrets (provides workflow guidance instead)
- Replacing comprehensive SAST tools
安装
请先添加 Marketplace
/plugin marketplace add alirezarezvani/claude-skills/plugin install engineering@claude-code-skills质量评分
已验证类似扩展
Soul Guardian
100Drift detection + baseline integrity guard for agent workspace files with automatic alerting support
Audit Dependency Versions
100Audit project dependencies for version staleness, security vulnerabilities, and compatibility issues. Covers lock file analysis, upgrade path planning, and breaking change assessment. Use before a release to ensure dependencies are current and secure, during periodic maintenance reviews, after receiving a security advisory, when upgrading to a new language version, before submitting to CRAN or npm, or when inheriting a project to assess its dependency health.
Codex Diff Develop
100Revisa el diff de la rama actual frente a develop en proyectos Drupal 11 siguiendo la metodología Codex (lógica de negocio, edge cases de hooks/queries, seguridad, performance, completitud). Genera un informe .md en la carpeta del IDE detectado (.antigravity/, .cursor/, .vscode/ o docs/) con hallazgos por severidad y soluciones accionables. Usar cuando el usuario pida "Revisión diff develop", "revisión diff develop", "diff develop", "revisar diff", "codex diff" o expresiones similares con intención de auditar cambios contra develop. Triggers: diff develop, codex diff, revisión diff, lint diff develop, auditar diff.
Azure Container Registry SDK for Python
100Azure Container Registry SDK for Python. Use for managing container images, artifacts, and repositories. Triggers: "azure-containerregistry", "ContainerRegistryClient", "container images", "docker registry", "ACR".
Azure App Configuration SDK for Python
100Azure App Configuration SDK for Python. Use for centralized configuration management, feature flags, and dynamic settings. Triggers: "azure-appconfiguration", "AzureAppConfigurationClient", "feature flags", "configuration", "key-value settings".
Ship Gate
100Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.