From armory
Validates .env files against code references, manifests, and examples for missing variables, type mismatches, insecure defaults, and unused entries before deployment.
npx claudepluginhub mathews-tom/armory --plugin armoryThis skill uses the workspace's default tool permissions.
Validates environment variable configurations by cross-referencing `.env` files against
Implements Playwright E2E testing patterns: Page Object Model, test organization, configuration, reporters, artifacts, and CI/CD integration for stable suites.
Guides Next.js 16+ Turbopack for faster dev via incremental bundling, FS caching, and HMR; covers webpack comparison, bundle analysis, and production builds.
Discovers and evaluates Laravel packages via LaraPlugins.io MCP. Searches by keyword/feature, filters by health score, Laravel/PHP compatibility; fetches details, metrics, and version history.
Validates environment variable configurations by cross-referencing .env files against
project requirements. Catches missing variables, type errors, insecure defaults, and
orphaned entries before they cause runtime failures.
| File | Contents | Load When |
|---|---|---|
references/validation-rules.md | Built-in validation rules and severity definitions | Always |
.env file (or equivalent) in the project.env.example, docker-compose.yml, or deployment manifests for cross-referencingLocate environment configuration sources in the project:
.env in the project root. If absent, check for .env.local, .env.development, .env.production.env.example or .env.template — this defines the expected variablesos.environ, process.env, env::var, os.Getenv patterns to find variables referenced in codedocker-compose.yml, Dockerfile, k8s/ manifests for ${VAR} or ENV VAR patternsReport what was found before proceeding.
Build the expected variable schema from discovered sources:
For each variable found across all sources, record:
| Field | Source |
|---|---|
| Name | Variable name (e.g., DATABASE_URL) |
| Required | Present in code references or marked required in example |
| Type hint | Inferred from usage (URL, integer, boolean, string, path) |
| Default | Value in .env.example if present |
| Used in | List of files that reference this variable |
Run these checks against the primary .env file:
Missing required variables (CRITICAL)
.env.env.example without a default but absent from .envType mismatches (HIGH)
PORT=abc when code does int(os.environ["PORT"])DEBUG=yes when code expects boolean (true/false)Insecure defaults (HIGH)
SECRET_KEY=changeme, PASSWORD=password, API_KEY=xxxDEBUG=true or DEBUG=1 in production-targeted filesUnreferenced variables (MEDIUM)
.env not referenced anywhere in code or manifestsFormat issues (LOW)
KEY=VALUE formatSee references/validation-rules.md for the complete rule catalog.
Produce a structured validation report:
# Environment Validation Report
**File:** `.env`
**Schema:** `.env.example` + code references
**Verdict:** PASS | FAIL
## Summary
| Severity | Count |
|----------|-------|
| CRITICAL | N |
| HIGH | N |
| MEDIUM | N |
| LOW | N |
## CRITICAL
### [ENV-001] Missing required variable: DATABASE_URL
- **Referenced in:** `src/db.py:12`, `docker-compose.yml:8`
- **Expected type:** URL (postgresql://...)
- **Fix:** Add `DATABASE_URL=postgresql://user:pass@localhost:5432/dbname` to `.env`
## HIGH
...
## Unreferenced Variables
| Variable | In .env | In Code | In Manifests | Status |
|-----------------|---------|---------|--------------|--------------|
| LEGACY_API_KEY | Yes | No | No | Unreferenced |
## Recommendations
1. [Highest priority fix]
2. [Second fix]
| Error | Resolution |
|---|---|
| No .env file found | Report absence; check for alternative env sources |
| No .env.example or schema | Validate based on code references only |
| Binary or very large .env | Skip; report as unsupported format |
| No code references found | Validate format and security only; skip completeness |