Back to Commands

Slash Command

Community

/env

0

Description

Validate .gitignore protects sensitive files (.env, keys, credentials)

AI Summary

Validates .gitignore protects sensitive files and adds missing security patterns.

Install

1

Add the repository(one-time)

$

/plugin marketplace add iamfiscus/claude-code-scrub

2

Install the plugin

$

/plugin install iamfiscus-scrub@iamfiscus/claude-code-scrub

Argument

[--fix] [directory]

Allowed Tools

BashReadWriteGlob

Command Content

Scrub Env Protection

Validate that .gitignore properly protects sensitive files from being committed.

Usage

Execute the env protection script:

bash "$CLAUDE_PLUGIN_ROOT/scripts/scrub-env.sh" [--fix] [directory]

Options

--fix or -f: Add missing security patterns to .gitignore
directory: Path to check (defaults to current directory)

Checks Performed

1. Required Security Patterns

Ensures these are in .gitignore:

.env, .env.*, .env.local
*.pem, *.key, *.p12, *.pfx
*.keystore, *.jks
id_rsa, id_ed25519
credentials.json, secrets.json
*.log

2. Recommended Patterns

Warns if missing (not auto-added):

node_modules/, __pycache__/
.DS_Store, Thumbs.db
*.swp, *.swo
.idea/, .vscode/
*.sqlite, *.db

3. Tracked Sensitive Files

Alerts if sensitive files are already tracked by git and provides commands to untrack them.

Examples

/scrub:env - Check .gitignore coverage
/scrub:env --fix - Add missing security patterns
/scrub:env ./my-project - Check specific project

Fixing Tracked Files

If sensitive files are already tracked:

git rm --cached .env
git rm --cached credentials.json
git commit -m "Remove tracked sensitive files"

Links

GitHub Stats

0 forks

Updated 5 days ago

Other plugins with /env

Check and manage .env configuration - conflict detection, unique IDs

Bash(docker-local:*)ReadEdit+1

3

Zeigt wichtige Umgebungsvariablen und Shell-Config

0

Check Speck plugin environment and configuration

0

/env | scrub | ClaudePluginHub