v1.0.2Securitysecurityenv-varssecretsconfiguration

Environment Security Audit

This audit covers 18 checks across environment variable exposure risks, secrets management practices, .env file hygiene, server-side vs client-side variable segregation, and configuration drift between environments. AI tools frequently expose secrets through client bundles or commit them to version control — this audit catches those patterns before they reach production.

What's Included

Total Checks

Delivery Formats

Full

Complete prompt for Claude Code, Cursor, or Windsurf. Best for large context tools.

Chunked

Split into sections for Bolt, Lovable, or v0. Paste one section at a time.

Generic

Chat-optimized version for any AI assistant. Works in ChatGPT, Claude.ai, etc.

Changelog

v1.0.1

Fixed invalid prompt_hash — replaced placeholder/non-hex value with actual SHA-256 digest of prompt content

2026-02-23

v1.0.0

Initial release

2026-02-01

v1.0.2

Hardened curl commands with -sS -L flags for redirect following and error visibility. Added response validation guidance to Step 3.

2026-02-23