Skip to content
varlock

Introduction

Varlock is a universal configuration/secrets/environment variable management tool built on top of the @env-spec specification. It provides a comprehensive set of features out of the box that simplify managing, validating, and securing your environment configuration. Whether you need type-safe environment variables, multi-environment management, secure secret handling, or leak prevention, Varlock lets you focus on building your application instead of wrestling with configuration. While it is written in TypeScript, it is language and framework agnostic, and meant to be used in any project that needs configuration at build or boot time, usually passed in via environment variables.

Features

Section titled “Features”

Varlock aims to be the most comprehensive environment variable management tool. It provides a wide range of features out of the box:

  • AI-Safe Config - Your .env.schema gives AI agents full context on your config without ever exposing secret values. Prevent leaks to AI servers by design, and scan for leaked secrets with varlock scan
  • Security - Automatic log redaction for sensitive values, leak detection in bundled code and server responses, and proactive scanning via varlock scan
  • Validation & Type Safety - Powerful validation capabilities with clear error messages, plus automatic type generation for IntelliSense support
  • Secure Secrets - Load secrets from provider plugins (e.g., 1Password, AWS, HashiCorp Vault) or any CLI tool using exec()
  • Multi-Environment Management - Flexible environment handling with support for environment-specific files, local overrides, and value composition
  • Value Composition - Compose values together using functions, references, and external data sources
  • Framework Integrations - Official integrations for Next.js, Vite, Astro, and more, plus support for any language via varlock run
  • Replacement for dotenv - Can be used as a direct replacement for dotenv in most projects with minimal code changes

AI Tooling

Section titled “AI Tooling”

Varlock is purpose-built for the AI era. Your .env.schema gives AI agents full context on your configuration — variable names, types, validation rules, descriptions — without ever exposing secret values. Use varlock scan to catch secrets that may have leaked into AI-generated code, and varlock run to securely inject secrets into AI CLI tools like Claude Code, Cursor, Aider, and Gemini CLI.

Docs MCP

Section titled “Docs MCP”

Varlock provides a Docs MCP server that allows AI tools to search and understand the Varlock documentation. This makes it easier for AI assistants to help you integrate and use Varlock in your projects.

See the MCP guide for setup instructions for Cursor, Claude, Opencode, VS Code, and other MCP-compatible tools.

LLMs.txt

Section titled “LLMs.txt”

Varlock also provides an LLMs.txt file that helps AI models understand how to integrate and interact with your environment variable configuration. See it at https://varlock.dev/llms.txt.

Next Steps

Section titled “Next Steps”

Ready to get started? Check out the Installation guide to set up Varlock in your project.

© 2026 DMNO Inc. All rights reserved.