Documentation Index
Fetch the complete documentation index at: https://envcp.org/docs/llms.txt
Use this file to discover all available pages before exploring further.
EnvCP Documentation
Welcome to EnvCP - Secure environment variable management for AI-assisted coding.What’s New in v1.2.0
EnvCP v1.2.0 brings significant security improvements and new features:- Security Audit Fixes: All High and Medium severity findings addressed including CORS bypass prevention, backup auto-restore hardening, Windows command injection protection, and config file permission hardening
- Advanced Memory Hardening: Zero-sensitive memory buffers,
mlockprotection, core dump prevention - Brute-Force Protection: Progressive lockout system with exponential backoff delays
- Python Package Work: Python wrapper support today, with Rust core work in the repository
- Auto-Startup Service: System service installation with
envcp service install - Enhanced API Key Enforcement: Stricter validation and rotation policies
- Config Integrity Protection: Digital signatures and tamper detection
- Release Channels: Beta and canary release tracks for early testing
Quick Navigation
Getting Started
Platform Guides
- Claude Desktop / Cursor / Cline (MCP)
- ChatGPT / OpenAI API
- Gemini / Google AI
- Local LLMs (Ollama, LM Studio)
- REST API
Advanced Topics
Reference
What is EnvCP?
EnvCP is a secure environment variable manager designed specifically for AI-assisted coding workflows. It allows AI agents to reference your secrets and environment variables by name without ever seeing the actual values.Key Features
- Local-only storage - Your secrets never leave your machine
- AES-256-GCM encryption - Military-grade encryption at rest
- Reference-based access - AI references variables by name, never sees values
- Multi-platform support - Works with Claude, ChatGPT, Gemini, local LLMs, and more
- AI access control - Granular control over what AI can access
- Session management - Unlock once, work seamlessly
- Automatic .env sync - Keep your .env files up to date
- Memory hardening - Zero-sensitive buffers, mlock protection, core dump prevention (v1.2.0+)
- Brute-force protection - Progressive lockout with exponential backoff (v1.2.0+)
- Python package support - Python wrapper today, with Rust core work in-repo (v1.2.0+)
- Auto-startup service - System service installation for always-on availability (v1.2.0+)
How It Works
- You store secrets - Add your API keys, database URLs, and other secrets to EnvCP
- AI references by name - When AI needs a secret, it asks for it by variable name
- EnvCP handles access - EnvCP checks access rules and provides values only when appropriate
- Values stay encrypted - All data is encrypted at rest with your password
Why EnvCP?
When working with AI coding assistants, you often need to reference API keys, database credentials, and other secrets. Traditional approaches have problems:- Hardcoding secrets - Insecure and easy to accidentally commit
- Pasting secrets in chat - Exposes them to AI providers and chat logs
- Manual .env editing - Tedious and error-prone
Quick Start
Platform Compatibility
EnvCP works with all major AI platforms:| Platform | Support | Protocol |
|---|---|---|
| Claude Desktop | ✓ Native | MCP |
| Claude Code | ✓ Native | MCP |
| Cursor | ✓ Native | MCP |
| Cline (VS Code) | ✓ Native | MCP |
| Continue.dev | ✓ Native | MCP |
| Zed Editor | ✓ Native | MCP |
| ChatGPT | ✓ Via API | OpenAI Function Calling |
| GPT-4 API | ✓ Via API | OpenAI Function Calling |
| Gemini | ✓ Via API | Google Function Calling |
| Gemini API | ✓ Via API | Google Function Calling |
| Local LLMs (Ollama) | ✓ Via API | REST / OpenAI-compatible |
| LM Studio | ✓ Via API | REST / OpenAI-compatible |
| Open WebUI | ✓ Via API | REST |
| Any HTTP Client | ✓ Via API | REST |
Support
- GitHub Issues: Report bugs or request features
- Security Issues: contact@fentz.dev