Lesson 737 of 1455
AI for .env Files: Stop Leaking API Keys on GitHub
Use AI to set up environment variables right so you never push a secret to a public repo.
Builders · AI-Assisted Coding · ~4 min read
The big idea
Hardcoding API keys is how teens get banned from APIs and racked up huge bills. AI can teach you the right pattern: .env files, .gitignore, and never committing secrets.
Some examples
- Ask: 'How do I use a .env file in Node.js with the dotenv package?'
- Have AI generate a .gitignore that excludes .env, node_modules, and build folders.
- Get AI to explain why process.env.OPENAI_KEY is safer than hardcoding.
- Ask AI what to do if you already pushed a key by accident.
Try it!
In any project, make a .env file with FAKE_KEY=test123. Add .env to .gitignore. Ask AI to verify your setup is safe.
Key terms in this lesson
Practice this safely
Try this with a school, hobby, or family example where the stakes are low. Use the AI output as a draft you can question, not as the final answer.
- 1Ask AI to explain environment variables in plain language, then underline anything that sounds uncertain or too broad.
- 2Give it one detail from "AI for .env Files: Stop Leaking API Keys on GitHub" and ask for two possible next steps plus one reason each step might be wrong.
- 3Check .env against a trusted source, teacher, adult, expert, or original document before you use it.
End-of-lesson quiz
Check what stuck
8 questions · Score saves to your progress.
Lesson help
Questions are best handled with a grown-up here.
For this age range, Tendril keeps freeform AI chat paused until parent/guardian consent and child-safe moderation are fully verified. Use the quiz, notes, and related lessons below, or ask a parent, guardian, teacher, or librarian to work through the question with you.
Progress saved locally in this browser. Sign in to sync across devices.
Related lessons
Keep going
Builders · 35 min
Tests as Prompts — an Unexpected Superpower
Writing a test first is not just good engineering. It is the clearest possible prompt for an AI. Let's use tests to make AI code reliable.
Builders · 30 min
Python File I/O
Reading and writing files is where real scripts start. Learn the with-statement, path handling, and JSON round-trips.
Builders · 35 min
SQL Basics With AI
SELECT, WHERE, JOIN, GROUP BY. Four keywords run the data world. AI is excellent at SQL because it has read every StackOverflow answer ever.