Configuration

Warden reads environment variables through @warden/env. Application code should not read process.env directly, because validation and defaults live in one package.

ANTHROPIC_API_KEY Required. Primary LLM provider for warden review.

VOYAGE_API_KEY Required for init. Enables the Voyage voyage-code-3 embedding-backed context index.

GOOGLE_GENERATIVE_AI_API_KEY Optional. Enables Anthropic → retry → Google fallback when the primary provider fails transiently.

WARDEN_THINKING_BUDGET Optional. Anthropic extended-thinking budget in tokens. Defaults to 4096.

WARDEN_LOG_LEVEL Optional. Controls log verbosity: silent, error, warn, info, or debug.

WARDEN_SECURITY_CONFIDENCE_FLOOR Optional. Overrides the default security confidence floor. Numeric string from 0.0 to 1.0; Tier 1 security findings bypass the floor.

When adding a variable

Update packages/env/src/index.ts, .env.example, and the documentation together so runtime validation and user-facing setup stay aligned.

Cache location

Local cachegitignored

.warden/cache.sqlite

The SQLite file stores chunks, embeddings, Merkle state, import graph cache, file state, and LLM review cache records. Delete it when you need a clean rebuild; warden init recreates it.

Local-first boundary

Source code and cache files stay on your machine. Network calls happen only for configured providers: Voyage embeddings, Anthropic or Google review formatting, and OSV vulnerability verification.