Free CLI Tool

EnvLock CLI

Catch leaks, missing vars, and Git mishaps before they tank your deploy—locally, no cloud required.

  • $Spot exposed secrets in commits/logs (AI auto-commits included)
  • $Validate syntax, types, and multi-env consistency in seconds
  • $Auto-fix placeholders—zero hassle
Weekly npm downloads for EnvLock CLI

MIT Licensed | Node.js >=18 | View on npm

$ npm install -g @envlock/cli$ npx envlock health

(Paste in your terminal—safe, local-only scans.)

$ envlock health
[SCAN] EnvLock Health Check - my-project
- Phase 1: Loading environment files and scanning code...
✔ Loaded 5 variables from .env files, 3 from examples; found 6 variables referenced in code
- Phase 2: Analyzing dependencies and checking variables...
✔ Analyzed dependencies (2 required by 1 packages); found 2 missing, 1 unused variables; identified 1 security risks
- Phase 3: Detecting issues and reviewing history...
✔ Detected 0 logged variables, 1 syntax issues; found 0 Git history flags
- Phase 4: Validating metadata and consistency...
✔ Validated metadata (found 0 expired variables); checked naming (0 inconsistencies) and frameworks (0 warnings)
- Phase 5: Finalizing analysis...
✔ Analysis complete
- Missing Variables
API_KEY
DATABASE_URL (Required by: prisma@^5.0.0)
! Security Risks
AWS_SECRET_KEY - potential secret based on naming pattern
- Syntax Issues
.env:5 - Unquoted value with spaces
- Unused Variables
DEBUG
Actions needed: 4 fixes
✓ Health check completed!

Sample repo: Flags a missing API key + Git leak, suggests fixes. (Your results may vary—test on a fresh clone!)

Powerful Features

Everything you need to maintain healthy environment variables across your projects

Missing Variables Detection
Finds env vars used in code but not defined in .env files
Security Risk Assessment
Flags potential secrets based on naming patterns and actual values
Syntax Validation
Checks for .env file syntax errors and common mistakes
Git History Scanning
Detects AI-suspected commits and .env file modifications
Logging Detection
Identifies when sensitive environment variables are logged
Naming Consistency
Warns about inconsistent naming conventions across files
Expiration Metadata
Parses @expire comments and warns about expired variables
Framework Warnings
Enforces prefix conventions for Vite, React, Vue, and more
Dependency Tracking
Detects env vars required by 87+ popular packages
Auto-Fix Capabilities
Adds placeholder values to missing variables automatically
Monorepo Support
Local: Custom include/exclude patterns | Vault: Multi-Team
CI/CD Ready
Local: Strict mode for pipelines | Vault: Advanced integrations

Ready to level up your env management?

Join our waitlist for exclusive updates to advanced features and integrations.

Back to home

EnvLock CLI - Free .env File Health Checks | EnvLock | EnvLock