AgentSkillsCN

managing-env-vars

妥善管理环境变量与安全密钥,严格区分公钥与私钥。在项目配置或 API 密钥的添加过程中,此方法可助您高效完成安全设置,确保系统运行的可靠性与安全性。

SKILL.md
--- frontmatter
name: managing-env-vars
description: Manages environment variables and security. Distinguishes between public and secret keys. Use when setting up project configuration or adding API keys.

Environment and Security Variables

When to use this skill

  • During project setup.
  • When adding new Appwrite services (Storage, Databases).
  • When deploying to production.

Workflow

  • Create .env.local for local development.
  • Distinguish between NEXT_PUBLIC_ (Client access) and secret keys (Server access).
  • Add .env* to .gitignore.
  • Use process.env.VARIABLE_NAME with fallback or validation.

Required Variables

  • NEXT_PUBLIC_APPWRITE_ENDPOINT: Your Appwrite API endpoint.
  • NEXT_PUBLIC_APPWRITE_PROJECT_ID: Your project ID.
  • APPWRITE_API_KEY: Secret key for server-side operations (DO NOT prefix with NEXT_PUBLIC).

Instructions

  • Leak Prevention: Never commit .env files.
  • Validation: Use a env.ts file with Zod to validate variables at runtime if possible.