dotenv
npmIs dotenv safe to use?
Based on the latest brin safety scan, no vulnerabilities or threats were detected for dotenv v17.3.1. Trust score: 75/100. No known CVE vulnerabilities, no detected threat patterns, and no suspicious capabilities identified. This is an automated, point-in-time assessment.
Install (safety-checked)
dotenv Passed Security Checks
No security concerns detected
0
0
0
No Concerns Detected
No security concerns detected in the latest brin assessment. This is an automated, point-in-time evaluation — security posture may change.
This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.
dotenv Capabilities & Permissions
What dotenv can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.
Filesystem Access
Reads from the filesystem.
Process Spawning
This package can spawn child processes.
Environment Variables
Accesses the following environment variables.
AGENTS.md for dotenv
Good instructions lead to good results. brin adds dotenv documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.
brin initVercel's research: 100% accuracy with AGENTS.md vs 53% without →
dotenv Documentation & Source Code
For the full dotenv README, API documentation, and source code, visit the official package registry.
Frequently asked questions about dotenv safety
Install (safety-checked)
Weekly Downloads
Version
17.3.1License
BSD-2-ClauseOther Versions
Last Scanned
Trust Score
Capabilities
Reads files
Spawns child processes
Accesses: DEBUG, DOTENV_CONFIG_DEBUG, DOTENV_CONFIG_DOTENV_KEY...