playbooks

home / skills / andrelandgraf / fullstackrecipes / config-schema-setup

config-schema-setup skill

/.agents/skills/config-schema-setup

This skill validates and enforces type-safe environment configurations using a Zod-inspired schema, covering server and client fields, feature flags, and

npx playbooks add skill andrelandgraf/fullstackrecipes --skill config-schema-setup

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
605 B
---
name: config-schema-setup
description: Type-safe environment variable validation using Zod with a Drizzle-like schema API. Supports server/public fields, feature flags, either-or constraints, and client-side protection.
---

# Type-Safe Environment Configuration

To set up Type-Safe Environment Configuration, refer to the fullstackrecipes MCP server resource:

**Resource URI:** `recipe://fullstackrecipes.com/config-schema-setup`

If the MCP server is not configured, fetch the recipe directly:

```bash
curl -H "Accept: text/plain" https://fullstackrecipes.com/api/recipes/config-schema-setup
```

Overview

This skill provides a TypeScript-first, type-safe environment variable validation system using Zod with a Drizzle-like schema API. It organizes configuration into server-only and public fields, supports feature flags, either-or constraints, and includes client-side protection patterns. The goal is predictable runtime validation and clear compile-time types for full-stack AI apps. It ships as a set of production-ready patterns and step-by-step recipes.

How this skill works

You define a declarative schema using a Drizzle-style API that maps directly to Zod validators. The system generates strict runtime checks and infers TypeScript types so you get end-to-end type safety for env vars. It enforces server/public separation, validates mutually exclusive or either-or constraints, and produces client-safe subsets to avoid leaking secrets. Validation runs at startup and fails fast with descriptive errors.

When to use it

  • When you need strict, typed validation of environment variables in a TypeScript full-stack app.
  • When you must prevent accidental exposure of server-only secrets to the client.
  • When feature flags or mutually exclusive config options require formal validation.
  • When you want early-failure validation at app startup with readable error messages.
  • When you want a consistent schema-driven approach across multiple services or deployments.

Best practices

  • Declare separate server and public fields explicitly to avoid leaking secrets.
  • Use Zod refinements for complex constraints and either-or rules for mutual exclusion.
  • Keep feature flags as explicit booleans or typed enums and document their runtime behavior.
  • Run validation during the application bootstrap to fail fast and provide actionable logs.
  • Generate and export inferred TypeScript types from the schema for use throughout the codebase.

Example use cases

  • A full-stack AI app that validates API keys and exposes only non-secret settings to the browser.
  • A deployment pipeline that checks feature flags and either-or DB credentials before promoting releases.
  • A monorepo where multiple services consume a shared schema with consistent type guarantees.
  • A server-rendered app that must ensure environment shape consistency across staging and production.

FAQ

Can I use this with existing Zod schemas?

Yes. The API is Zod-compatible and can compose with existing Zod validators and refinements.

How does client-side protection work?

Schemas mark fields as public or server-only and the tool extracts only public fields for client bundles, preventing secret leakage.