FlyAI Env Guardian

v1.0.0

Protect sensitive environment variables from accidental exposure in commits, logs, and CI pipelines with automated scanning and pre-commit validation.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
The name and description match the SKILL.md content: scanning staged files, checking .env hygiene, recommending pre-commit hooks and CI checks. The skill does not request unrelated credentials or broad system access. One minor mismatch: the documentation references tools/operations (git history scanning, Docker image scanning, git-secrets, GitHub Actions checks) that implicitly require binaries or services (git, docker, image scanners) but the registry entry lists no required binaries; this is plausible for an instruction-only skill but worth noting.
Instruction Scope
The SKILL.md stays within repository and CI/CD hygiene tasks (scanning files, regex/entropy checks, updating .gitignore, generating .env.example, blocking commits). It does not instruct exfiltration or contacting external endpoints. However, several optional actions (deep git-history scans, Docker image scanning, validating workflow secrets) require access to repository history and additional tools; the skill does not declare those dependencies and will rely on the agent environment to provide them. The allowedTools list (Bash, Read, Grep, Glob) implies shell-level file access, which is appropriate but broad — you should review any hooks or auto-fix actions before enabling them.
Install Mechanism
There is no install spec and no code files; it's instruction-only. This minimizes risk from arbitrary downloads or installs.
Credentials
The skill requests no environment variables or credentials. Its recommended actions (e.g., suggesting moving secrets to .env) are consistent with its purpose. There are no surprising secret requests or config path accesses declared.
Persistence & Privilege
The always flag is false and there is no install-time persistence. The disable-model-invocation flag is false (the default), which allows autonomous invocation; this is expected for skills. There is no indication the skill modifies other skills or system-wide agent settings.
Assessment
This skill appears to do what it claims: scan repositories for exposed secrets and help set up pre-commit/CI checks. Before enabling it, consider: (1) the skill runs shell-style operations (Bash, Grep, Read) and will need access to your repository files and git history, so run it on a safe/test repo first; (2) optional features (history scan, Docker image scanning, workflow validation) require external tools (git, docker, image scanners, git-secrets, etc.), so ensure those tools are available and trusted; (3) review any generated pre-commit hooks or auto-fix changes (.gitignore, .env.example) before committing, and keep autoFix disabled until you have inspected its outputs; (4) confirm the agent executing the skill has only the repository-level access you intend (it can read any file the agent can access); and (5) there are no declared network endpoints or credential requests, but if you integrate the recommendations into CI you will need to provision secrets there manually and rotate any exposed credentials immediately.
