Grepping through source, it looks like $SCTL_KEY and $SCTL_ENVELOPE are the only two env vars supported. It would be nice if $SCTL_ENVELOPE was documented. I can do this if you want, but please confirm that these are in fact the only two environment variables sctl cares about.