一键导入
check-rico-env
Verify Rico Hunt required environment variables are set without exposing values. Check backend, frontend, and admin/dev env vars.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Verify Rico Hunt required environment variables are set without exposing values. Check backend, frontend, and admin/dev env vars.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Accessibility audit for Rico Hunt. Run contrast checks and review alt text, focus states, ARIA labels, and keyboard navigation in frontend code.
Read-only audit of Rico Hunt AI provider routing. Verify RICO_AI_PROVIDER env var, fallback chain, and provider health without calling live AI APIs.
Verify Rico Hunt authentication rules. Check JWT cookie usage, signup role enforcement, protected route isolation, and no request body user_id.
Verify Rico Hunt chat flow. Inspect public chat session isolation, rate limits, authenticated chat routing, and public session prefixing.
Read-only database health check for Rico Hunt. Verify DATABASE_URL connectivity, key tables, and row counts without exposing user data or mutating anything.
Read-only verification of Rico Hunt job fetching and scoring. Inspect JSearch adapter, provider fallback, and scoring pipeline without calling live APIs.
| name | check-rico-env |
| description | Verify Rico Hunt required environment variables are set without exposing values. Check backend, frontend, and admin/dev env vars. |
| triggers | ["user","model"] |
| allowed-tools | ["read","grep","exec"] |
Verify that Rico Hunt required environment variables are set. This skill never prints secret values — only whether each variable is present or missing.
for v in DATABASE_URL JWT_SECRET JWT_TTL_HOURS COOKIE_SECURE RESET_BASE_URL CORS_ORIGINS \
OPENAI_API_KEY OPEN_AI_API RICO_OPENAI_MODEL RICO_AI_PROVIDER DEEPSEEK_API_KEY HF_TOKEN \
JSEARCH_API_KEY RAPIDAPI_KEY TELEGRAM_BOT_TOKEN TELEGRAM_CHAT_ID \
TELEGRAM_ADMIN_CHAT_ID TELEGRAM_DEV_CHAT_ID TELEGRAM_ADMIN_BOT_TOKEN \
JOTFORM_API_KEY JOTFORM_FORM_ID JOTFORM_WEBHOOK_SECRET \
RICO_ENABLE_AUTO_APPLY RICO_INTERACTIVE_APPLY RICO_REQUIRE_APPROVAL_FOR_APPLICATIONS \
RICO_TELEGRAM_PUBLIC_ALERTS RICO_CRON_SECRET RICO_REDIS_URL REDIS_URL \
EMAIL_USER EMAIL_PASS EMAIL_TO; do
printf "%-40s %s\n" "$v" "$(eval "[ -n \"\$$v\" ] && echo 'set' || echo 'MISSING'")"
done
for v in NEXT_PUBLIC_RICO_API; do
printf "%-40s %s\n" "$v" "$(eval "[ -n \"\$$v\" ] && echo 'set' || echo 'MISSING'")"
done
If you only need the bare minimum for local development, check these first:
DATABASE_URLJWT_SECRETJWT_TTL_HOURSCOOKIE_SECURENEXT_PUBLIC_RICO_APIDATABASE_URL, JWT_SECRET, OPENAI_API_KEY, DEEPSEEK_API_KEY, HF_TOKEN, TELEGRAM_BOT_TOKEN, JOTFORM_API_KEY, EMAIL_PASS, or any other secret..env if the user explicitly asks.