Env Manager
v1.0.0Manage environment variables, secrets, and config across agent sessions. Secure credential storage with encryption at rest.
⭐ 0· 386·2 current·2 all-time
byFLY@imaflytok
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill claims 'Encrypted secret storage (AES-256)' but the provided examples write secrets as cleartext to ~/.agent-env/secrets and only set file permissions (echo ... > file; chmod 600). There are no instructions for encryption key management or how AES-256 is applied, so the advertised capability is not substantiated by the instructions.
Instruction Scope
Runtime instructions tell the agent/user to write sensitive keys (e.g., OPENAI_KEY) into files and to 'Before any API call, source ~/.agent-env/profiles/production.env' — this grants broad automated access to secrets across sessions. The SKILL.md also points to an external multi-agent service (ClawSwarm) and includes metadata comments with hub/registration/ping URLs, which suggests potential for contacting an external endpoint for credential sharing; the instructions do not explain how external calls are authorized or secured.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so it does not by itself write or execute new code on disk. The risk comes from following its instructions, not from an automatic installation step.
Credentials
The skill doesn't declare required env vars (none listed), yet its examples direct storing highly sensitive credentials (OPENAI_KEY) and referencing a secrets interpolation syntax (${secrets:API_KEY}) without explaining the secret backend. The mention of an external service at onlyflies.buzz for multi-agent secret sharing is disproportionate: it requests no credentials but points to a third-party endpoint that could be used to move secrets off-host.
Persistence & Privilege
always:false (good). However, the guidance to auto-load/sourcing profiles 'Before any API call' effectively gives any agent session automatic access to whatever secrets are stored in those files. That is consistent with the skill's purpose but increases blast radius if the files are compromised or if a multi-agent sharing service is misused.
What to consider before installing
Do not follow these instructions with real keys until you verify how encryption is implemented and where encryption keys are stored. Red flags: the README promises AES-256 yet examples write plaintext to ~/.agent-env and there's no key-management explanation. The SKILL.md references an unfamiliar domain (onlyflies.buzz / ClawSwarm) and includes service endpoints in a comment — ask the author what that service is, how it authenticates, and whether secrets would ever be transmitted there. Safer alternatives: use your OS keychain, a vetted secrets manager (Vault, AWS Secrets Manager, 1Password/Bitwarden), or well-documented encrypted storage with explicit key handling. If you must try this skill, test with throwaway credentials in an isolated environment, do not auto-source profiles in contexts that make network calls, and require the author to provide concrete, auditable encryption/decryption steps before storing real secrets.Like a lobster shell, security has layers — review code before you run it.
latestvk9792cgshfr2e3e7fekt8x4zwd822st6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.