MINARA

Environment Variables

Every env var the agent reads, grouped by category, with defaults and consumers

This page is the per-variable reference. For the convention (how to add a new env var, the loader, the checklist), see Getting Started → Environment Variables. The canonical template with blank values lives at .env.example at the repo root.

Conventions used in the tables

ColumnMeaning
VariableEnv var name. UPPER_SNAKE, provider-prefixed.
Default means no default; missing the var either gates a feature or fails boot (see the Effect column).
FormatExpected value shape.
ConsumerFile or module that reads the var.
EffectWhat happens when the var is unset, or what the var enables when set.

Variables with safety-critical behavior have an extra prose note directly below their table.

Precedence

Variables exported by your shell, CI, or systemd win over values in .env. The loader does not overwrite existing keys. See loader details.


LLM providers

At least one LLM path must resolve at boot: ANTHROPIC_API_KEY, OPENROUTER_API_KEY, or a stored OAuth profile from minara login openai | anthropic | openrouter. If none resolve, the process refuses to start with NoProviderAvailableError.

VariableDefaultFormatConsumerEffect
ANTHROPIC_API_KEYsk-ant-...apps/agent/src/llm/select-provider.tsPrimary Claude credential. Unset: falls through to stored OAuth profile, then OpenRouter.
OPENROUTER_API_KEYsk-or-...apps/agent/src/llm/openrouter.tsAlternative router over many models. Unset: tried only if Anthropic paths fail.
OPENAI_API_KEYsk-...apps/agent/src/tools/image.ts, research KBImage generation + KB embeddings. Unset: image tools silently disable, KB embedding skipped.
OLLAMA_API_KEYfrom ollama.com/settings/keysapps/agent/src/llm/v2/custom-loaders.tsOllama Cloud credential. Unset: the ollama provider is unavailable.
OLLAMA_BASE_URLhttps://ollama.comabsolute URLapps/agent/src/llm/v2/custom-loaders.tsOverride the Ollama host (self-hosted / enterprise / local http://localhost:11434).

Minara core

VariableDefaultFormatConsumerEffect
MINARA_API_KEYmnr_...apps/agent/src/minara/client.ts, safe-trading-client.tsMinara REST credential. Unset: falls back to saved device-flow JWT; else NoMinaraAuthError.
MINARA_BASE_URLproduction URLabsolute URLapps/agent/src/minara/client.ts, apps/agent/src/gateway/server.ts, apps/agent/src/gateway/auth-cli.tsOverride for staging / self-host. Unset: production.
AGENT_MODELclaude-sonnet-4-6provider model idapps/agent/src/gateway/cli.ts, apps/agent/src/gateway/server.tsMain agent-loop model. Also settable via minara model use <id>.
MINARA_DATA_DIR~/.minaraabsolute pathapps/agent/src/gateway/cli.ts, apps/agent/src/app/bootstrap.ts, sandboxRoot for SQLite + sandbox + auth + logs. Empty value falls back to default.
FILES_URL_BASE/v1/filesabsolute URL or pathapps/agent/src/app.tsPublic prefix for file links. Set when behind a reverse proxy.
OFFLINE_MODEoff1/true/yes/onapps/agent/src/tools/_shared/fetch-timeout.tsHard-disable outbound HTTP from sandbox tools. Unset: normal online behavior.
LOG_LEVELinfodebug|info|warn|errorapps/agent/src/core/logger.tsGlobal logger threshold. debug produces ~4× volume but is safe.

HTTP gateway

Only matters for npm run serve / node dist/gateway/server.js.

VariableDefaultFormatConsumerEffect
GATEWAY_PORT8080integer 1–65535apps/agent/src/gateway/server.tsTCP port the gateway binds.
GATEWAY_AUTH_TOKENopaque stringapps/agent/src/gateway/server.tsBearer token required on every /v1/... route. Unset: auth disabled, every request accepted.
WEBHOOK_PORTinteger 1–65535apps/agent/src/gateway/server.tsOptional dedicated port for inbound webhooks. Unset: webhook routes live on GATEWAY_PORT.

Never expose an unauthenticated gateway to the internet. Fund-moving tools are reachable through /v1/chat. Set GATEWAY_AUTH_TOKEN to a high-entropy value (e.g. openssl rand -hex 32) before binding to any non-loopback interface. See HTTP API → Authentication.


Safety and fund-moving

VariableDefaultFormatConsumerEffect
MINARA_SKIP_FUND_CONFIRMoff1/true/yes/onapps/agent/src/tools/_shared/confirm.tsBypasses the confirm: true gate on every fund-moving tool handler.

MINARA_SKIP_FUND_CONFIRM is the only process-wide bypass of the handler-level confirmation gate. The LLM cannot skip it; the REPL cannot skip it. Use it only in non-interactive contexts (backtests, server-side workflow engine, CI smoke tests). Never set it in an interactive REPL session or on a production deployment unless you are certain every caller is non-human.


Builtin tools

Each entry gates one or more tool factories or skills. Missing var means the tool factory returns [] and the gated skill is hidden from the catalog. See Adding a Tool → feature-gating on env.

VariableConsumerEffect
TAVILY_API_KEYapps/agent/src/tools/web.tsGates web_search + web_extract. Unset: research.web degrades to DuckDuckGo scraping.
FAL_KEYapps/agent/src/tools/image.tsEnables Fal.ai image / video models. Optional companion FAL_QUEUE_URL for async jobs.
FAL_QUEUE_URLapps/agent/src/tools/image.tsOverride for a private Fal.ai queue endpoint. Unset: uses Fal's public queue.
MESSAGING_DEFAULT_PROVIDERapps/agent/src/app/messaging.ts, apps/agent/src/tools/messaging.tsDefault provider id for send_message when the caller omits provider (telegram, discord, slack, email, whatsapp, signal, home_assistant). Unset: first configured provider wins.
MESSAGING_MAX_ATTACHMENT_BYTESapps/agent/src/messaging/attachment-resolver.tsPer-attachment size cap applied before any upload. Decimal integer (bytes); values ≤ 0 are ignored. Default: 52 428 800 (50 MB). Provider APIs enforce their own maxima independently.
TELEGRAM_BOT_TOKENapps/agent/src/messaging/telegram.ts<bot_id>:<secret> from @BotFather. Pair with TELEGRAM_CHAT_ID. Configurable via minara gateway add telegram. Supports streaming edits (750ms throttle).
TELEGRAM_CHAT_IDapps/agent/src/messaging/telegram.tsNumeric chat id (negative for channels). Unset: the Telegram path of send_message returns a config error.
TELEGRAM_RICH_TEXTapps/agent/src/messaging/telegram.tsRender replies as Telegram rich text (HTML, falling back to MarkdownV2 then plain). Default on; 0/false/no/off sends plain text. Read once at startup.
SLACK_WEBHOOK_URLapps/agent/src/messaging/slack.tsSlack Incoming Webhook URL. Simplest Slack path — channel baked into the URL, no streaming edits.
SLACK_BOT_TOKENapps/agent/src/messaging/slack.tsSlack bot token (xoxb-...). Enables streaming edits via chat.update (1200ms throttle). Pair with SLACK_CHANNEL_ID.
SLACK_CHANNEL_IDapps/agent/src/messaging/slack.tsDefault Slack channel id (e.g. C0123ABC). Required together with SLACK_BOT_TOKEN.
DISCORD_BOT_TOKENapps/agent/src/messaging/discord.tsDiscord bot token. Enables streaming edits via PATCH /channels/{}/messages/{} (1000ms throttle).
DISCORD_CHANNEL_IDapps/agent/src/messaging/discord.tsDefault Discord channel snowflake id. Bot must have Send Messages (+ Manage Messages for streaming).
HASS_URLapps/agent/src/messaging/home_assistant.tsHome Assistant base URL (no trailing slash). Pair with HASS_TOKEN + HASS_NOTIFY_SERVICE.
HASS_TOKENapps/agent/src/messaging/home_assistant.tsLong-lived access token from your HA profile.
HASS_NOTIFY_SERVICEapps/agent/src/messaging/home_assistant.tsNotify service id (mobile_app_pixel, alexa_tts). Leading notify. prefix is optional. One-shot, no streaming.
SMTP_HOSTapps/agent/src/messaging/email.tsOutbound SMTP host. Pair with SMTP_PORT, SMTP_USER, SMTP_PASSWORD, EMAIL_FROM, EMAIL_TO.
SMTP_PORTapps/agent/src/messaging/email.tsSMTP port (587 STARTTLS / 465 SSL). Adapter picks TLS mode by port.
SMTP_USERapps/agent/src/messaging/email.tsSMTP username. Optional for open relays.
SMTP_PASSWORDapps/agent/src/messaging/email.tsSMTP password or app-specific password. Masked on minara gateway list.
EMAIL_FROMapps/agent/src/messaging/email.tsFrom-address header value.
EMAIL_TOapps/agent/src/messaging/email.tsDefault recipient when send_message omits channel.
WHATSAPP_ACCESS_TOKENapps/agent/src/messaging/whatsapp.tsMeta Cloud API Bearer token (System User). Masked on minara gateway list.
WHATSAPP_PHONE_NUMBER_IDapps/agent/src/messaging/whatsapp.tsNumeric phone-number id from the Meta Developer app.
WHATSAPP_RECIPIENTapps/agent/src/messaging/whatsapp.tsDefault recipient (E.164, e.g. +12025551234).
SIGNAL_CLI_NUMBERapps/agent/src/messaging/signal.tsYour registered Signal sender number (E.164). Validated at construction.
SIGNAL_RECIPIENTapps/agent/src/messaging/signal.tsDefault recipient (E.164). Revalidated per-send; unsafe values are rejected before subprocess.
SIGNAL_CLI_BINARYapps/agent/src/messaging/signal.tsOverride path to the signal-cli binary (default: PATH lookup). Factory returns null silently if the binary isn't found.
TELEGRAM_WEBHOOK_SECRETapps/agent/src/messaging/inbound/server.tsShared secret echoed in X-Telegram-Bot-Api-Secret-Token. Verified constant-time; mismatch → 401. Unset → /webhooks/telegram returns 404.
SLACK_SIGNING_SECRETapps/agent/src/messaging/inbound/server.tsSlack signing secret for HMAC-SHA256 verification over v0:{ts}:{body}. 5-min replay window. Unset → /webhooks/slack returns 404.
DISCORD_APPLICATION_PUBLIC_KEYapps/agent/src/messaging/inbound/server.tsEd25519 public key (hex) for Discord interaction signature verification. Unset → /webhooks/discord returns 404.
MESSAGING_INBOUND_TRANSCRIBEapps/agent/src/messaging/inbound/transcribe.tsEnable OpenAI Whisper transcription for inbound voice attachments. Falsy default. Requires OPENAI_API_KEY. Format: 1/true/yes/on.
MESSAGING_INBOUND_ENABLEDapps/agent/src/app/messaging.tsMaster off switch for the inbound HTTP webhook listener (auto-boots InboundServer + agent-bridge when 1). Off by default; setting it also requires at least one provider secret for routes to accept traffic.
MESSAGING_INBOUND_PORTapps/agent/src/app/messaging.tsPort for the inbound HTTP listener. Default 8787.
MESSAGING_INBOUND_HOSTapps/agent/src/app/messaging.tsBind host for the inbound HTTP listener. Default 127.0.0.1 — production expects a TLS-terminating reverse proxy.
MESSAGING_INBOUND_MAX_BODY_BYTESapps/agent/src/app/messaging.tsPer-request body cap for inbound webhooks. Default 4194304 (4 MB).
MESSAGING_INBOUND_HISTORY_TURNSapps/agent/src/messaging/inbound/session-router.tsSliding-window size for inbound session history fed to agentLoop.run(). Default 20. Invalid values fall back to default.
MESSAGING_INBOUND_DISABLE_STREAMINGapps/agent/src/app/messaging.tsForce one-shot replies instead of createStreamSink token-by-token edits for inbound turns. Off by default (streaming enabled). Useful for tests / slow channels.
MESSAGING_INBOUND_GC_INTERVAL_MSapps/agent/src/app/messaging.tsInterval for the periodic attachment-retention sweep. Default 3600000 (1 h). 0 disables the timer (manual minara inbound gc only).
MESSAGING_INBOUND_ATTACHMENT_RETENTION_DAYSapps/agent/src/messaging/inbound/attachment-gc.tsAge (days) after which inbound attachment BYTES are deleted from sandbox/inbound/<sess>/. SQLite metadata survives. Default 90.
MESSAGING_INBOUND_SESSION_RETENTION_DAYSapps/agent/src/messaging/inbound/attachment-gc.tsAge (days) after which the whole session row (+ cascade inbound_messages) is purged. Default 180.
WHATSAPP_VERIFY_TOKENapps/agent/src/messaging/inbound/server.tsShared token for WhatsApp's one-time hub.verify challenge. Set when registering the webhook URL in the Meta dashboard. Unset → GET /webhooks/whatsapp returns 404.
WHATSAPP_APP_SECRETapps/agent/src/messaging/inbound/server.tsMeta app secret — HMAC-SHA256 key for verifying X-Hub-Signature-256 on every POST. Unset → POST /webhooks/whatsapp returns 404.
MESSAGING_SIGNAL_INBOUNDapps/agent/src/app/messaging.tsIndependent off switch for the Signal daemon (signal-cli daemon --socket). Off by default. Requires SIGNAL_CLI_NUMBER to be configured. Format: 1/true/yes/on.
SIGNAL_CLI_SOCKET_PATHapps/agent/src/app/messaging.tsUNIX socket path the Signal daemon binds + we connect to. Default <dataDir>/signal.sock.
TWITTERAPI_API_KEYapps/agent/src/tools/providers/twitterapi.tsThird-party scraper. Gates research.social.twitter via requires_env.
X_API_BEARER_TOKENapps/agent/src/tools/providers/x-api.tsOfficial X API v2 app-only Bearer from console.x.com. Gates the x.api skill.
GLASSNODE_API_KEYapps/agent/src/tools/providers/glassnode.tsGlassnode on-chain metrics. Gates research.onchain.glassnode.
QDRANT_URLapps/agent/src/skills/builtin/research/knowledge-base.tsVector KB endpoint. Gates research.knowledge_base. Pair with OPENAI_API_KEY for embeddings.
QDRANT_API_KEYapps/agent/src/skills/builtin/research/knowledge-base.tsOptional auth for Qdrant Cloud. Local docker usually needs no key.

TWITTERAPI_API_KEY and X_API_BEARER_TOKEN are distinct. The former goes through a third-party scraper; the latter speaks directly to api.x.com/2. Either or both can be set.


E2B cloud sandbox

E2B is opt-in. The local code/shell sandbox remains the default even when E2B is configured. The router only hands work to workspace.e2b when the user names it explicitly ("e2b", "cloud sandbox", "isolated VM"), unless FORCE_E2B=1 flips the contract.

VariableDefaultFormatConsumerEffect
E2B_API_KEYopaque keyapps/agent/src/tools/providers/e2b.tsGates workspace.e2b. Unset: local sandbox only.
FORCE_E2Boff1/true/yes/onapps/agent/src/app/bootstrap.ts, apps/agent/src/tools/code.ts, apps/agent/src/tools/terminal.tsOps-level override. Disables local sandbox, routes all code/shell to E2B. Requires E2B_API_KEY or boot fails.

Autonomous turns (cron, workflow, price-alert) cannot auto-activate workspace.e2b without an operator-authored workflow that explicitly declares it in skill_scope. The workflow engine's trustedSeed path emits a loud audit log whenever that escape is exercised. See Workflows.


MCP integrations

See MCP Integration for the runtime semantics. All entries below are independently gated; missing envs don't break anything else.

VariableFormatConsumerEffect
MCP_SERVERSJSON arrayapps/agent/src/app/mcp.tsOverrides default MCP servers. Example: [{"name":"defillama","command":"npx","args":[…]}].
DEFILLAMA_API_KEYopaque stringapps/agent/src/defillama/client.tsDefiLlama Pro API key. Gates the 10 defillama.* builtin skills. Injected as URL path prefix on Pro-host calls. Replaces retired DEFILLAMA_MCP_TOKEN / mcp.defillama.com path. Unset: all 10 skills hide from catalog.
MCP_EVM_RPC_URLstreamable-HTTP URLapps/agent/src/app/mcp.tsmcp.evm_rpc skillRaw EVM JSON-RPC sub-agent. Bounded at 15 steps / 240s per query.
MCP_ETHERSCAN_URLstreamable-HTTP URLapps/agent/src/app/mcp.tsmcp.etherscan skillEtherscan-style explorer across 60+ EVM chains.
MCP_SOLSCAN_URLstreamable-HTTP URLapps/agent/src/app/mcp.tsmcp.solscan skillSolscan-compatible Solana explorer.
MCP_GOPLUS_URLstreamable-HTTP URLapps/agent/src/app/mcp.tsmcp.goplus skillGoPlus multi-chain Web3 security analytics. Leave unset in prod if you want v1 semantics.

All URL vars must advertise the streamable-HTTP MCP transport. The v1 SSE endpoints will not work.


External skills

Vendored skills under apps/agent/src/skills/external/ consume these through requires_env gating or by having the LLM read them via the terminal tool. Missing var means the corresponding skill is hidden from the catalog.

VariableSkill(s)Header / usage
CMC_PRO_API_KEYcmc-api-crypto, cmc-api-dex, cmc-api-exchange, cmc-api-marketHeader X-CMC_PRO_API_KEY
COINGECKO_API_KEYcoingeckox-cg-pro-api-key (Pro) or x-cg-demo-api-key
COINANK_API_KEYcoinank (derivatives: OI, funding, liquidations, whale tracking, order flow, ETF)Header apikey
COINGLASS_API_KEYcoinglassHeader CG-API-KEY
FMP_API_KEYfmp — gates the external.fmp built-in skill. Public-equity quotes, technicals, fundamentals, analysts, calendar, SEC, news, screener, macro, sectors, ETF. 2026-04-20: migrated from the MCP_FMP_URL sub-agent to a vendored external skill.Query param ?apikey=
OKX_API_KEYokx-* family (wallet / DEX / onchain / security / agentic wallet / DeFi / x402)Used by the onchainos CLI
PRIVATE_KEYpolymarketEVM signer hex (0x…)
RPC_URLpolymarketAbsolute EVM RPC endpoint
POLY_BUILDER_API_KEYpolymarketBuilder API credential
POLY_BUILDER_SECRETpolymarketBuilder API credential
POLY_BUILDER_PASSPHRASEpolymarketBuilder API credential

PRIVATE_KEY is a hot wallet key. Treat the machine that holds it as a trading terminal. Never put it in a shared or multi-user environment. Prefer hardware-wallet-backed signing where possible.

The three POLY_BUILDER_* variables must be set together. Partial configuration leaves the Polymarket skill in a half-configured state that fails on first authenticated call.


Reading the inventory programmatically

# Which env vars are set right now?
minara config list

# Which env-gated skills and tools are currently available?
minara skills list
minara tools list

# Full doctor report with env coverage
minara doctor

minara doctor is the fastest way to see which provider, tools, and skills are actually live given the env you've loaded. Missing credentials surface as yellow warnings rather than silent gaps.

Changes to this page

Adding or removing an env var requires updating all four locations in the same commit:

  1. .env.example at the repo root.
  2. apps/agent/docs-src/env-vars.md, the authoritative internal reference.
  3. This page.
  4. Getting Started → Environment Variables inventory table.

Reviewers reject PRs that touch process.env.<NAME> without matching doc updates. The convention is recorded in Conventions §1.

On this page