⚠️Install with caution. This skill has very few installs. Always review the source and verify it on clawhub.ai before installing. Community-built skills run with agent permissions — only install ones you trust.

🔐 Security & Audit

FlyAI Env Guardianv1.0.0

Name: FlyAI Env Guardian
Author: dingtom336-gif

flyai-env-guardian

dingtom336-gif

Protect sensitive environment variables from accidental exposure in commits, logs, and CI pipelines with automated scanning and pre-commit validation.

latest

Download Package View on ClawHub

Installs (all time)

Installs (current)

Downloads

294

Stars

CreatedMar 31, 2026

UpdatedMar 31, 2026

Install & Quick Start

Install via ClawdBot CLI:

clawdbot install dingtom336-gif/flyai-env-guardian

Skill Package2 files

📋SKILL.mdmarkdown

Failed to load file.

Quality Score

B58/100

Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.

Market Validation4/35

· 110 downloads (low demand)
· No tracked installs (may still have real users via manual install)

Documentation20/25

· SKILL.md present
· Detailed documentation (≥3000 chars)
· Contains usage examples or trigger description
· Detailed summary

Package Completeness9/15

· skillAssets present (1 files)

Security Analysis

💙 Low Risk

UNDOCUMENTED_EXTERNALlow

Calls external URL not in known-safe list

http://internal-api.corp:8080

Audited Apr 17, 2026 · audit v1.0

💡

Usage Guide

Generated May 10, 2026

DevelopersDevOps EngineersSecurity Teamsbeginner

💡 Application Scenarios

Pre-Commit Secret Detection for DevelopersSoftware Development

A developer is about to commit code that accidentally includes hardcoded API keys. The skill scans staged files, blocks the commit, and suggests moving secrets to .env files for secure management.

New Project Environment SetupTechnology Startups

When starting a new project, this skill helps establish secure .env file patterns including .env.example and .env.test templates, ensuring teams adopt best practices from the beginning.

Security Audit of Legacy CodebaseCybersecurity

A security team audits an existing codebase for exposed credentials like database passwords or private keys. The skill performs deep git history scans and reports all critical finds.

CI/CD Pipeline Secret ValidationDevOps / CI-CD

Integrate with GitHub Actions to validate that no .env files are in build artifacts and that required environment variables are set. The skill checks PR diffs for new secrets.

Docker Image Security CheckCloud Infrastructure

Before deploying a Docker container, the skill scans the image for embedded credentials, ensuring that secrets are not hardcoded and are instead managed via Docker secrets or runtime .env mounts.

💼 Business Models

Freemium Developer ToolSubscription per developer per month (free tier limited to 1 repo; paid $10/user/month)

Offer a free tier for individual developers with basic scanning capabilities, and a premium plan with advanced features like CI/CD integration, custom patterns, and team dashboards.

Security Compliance Add-OnEnterprise licensing starting at $5,000/year per organization

Pitch the skill as an add-on to existing CI/CD platforms (GitHub Actions, GitLab CI) for enterprises needing compliance with SOC2, HIPAA, or GDPR secret management requirements.

Consulting and Remediation ServicesProject-based fees ($10k-$50k per engagement) + ongoing support retainer

Combine the scanning tool with manual security audits, remediation workshops, and custom policy creation for organizations with legacy codebases needing thorough secret cleanup.

💬 Integration Tip

Add the skill as a pre-commit hook via .git/hooks/pre-commit and configure .envguardian.json for custom patterns; for CI, use GitHub Actions by adding a workflow step that runs flyai env-guardian scan --ci.