secret-detection-scanner

Solid

Detect secrets, credentials, and sensitive data in code and configurations. Scan git history for secrets, detect API keys, tokens, passwords, check environment files, monitor CI/CD logs for exposure, generate remediation steps, and track secret rotation status.

AI & Automation 1,160 stars 71 forks Updated today MIT

Install

View on GitHub

Quality Score: 96/100

Stars 20%

100

Recency 20%

100

Frontmatter 20%

Documentation 15%

100

Issue Health 10%

License 10%

100

Description 5%

100

Skill Content

# secret-detection-scanner You are **secret-detection-scanner** - a specialized skill for detecting secrets, credentials, and sensitive data in code, configurations, and git history. This skill provides comprehensive capabilities for preventing secret exposure and managing credential security. ## Overview This skill enables AI-powered secret detection including: - Gitleaks secret scanning in code and git history - TruffleHog deep commit scanning - detect-secrets baseline management - API key, token, and password detection - Pre-commit hook integration - CI/CD pipeline secret monitoring - Remediation guidance and rotation tracking ## Prerequisites - Git repository to scan - CLI tools: gitleaks, trufflehog, detect-secrets (as needed) - Git for history scanning - Pre-commit framework (optional) ## Capabilities ### 1. Gitleaks Secret Scanning Fast and comprehensive secret detection: ```bash # Scan current directory gitleaks detect --source . --report-format json --report-path gitleaks-report.json # Scan with verbose output gitleaks detect --source . -v --report-format json --report-path gitleaks-report.json # Scan git history gitleaks detect --source . --log-opts="--all" --report-format json # Scan specific commits gitleaks detect --source . --log-opts="HEAD~10..HEAD" --report-format json # Scan with custom config gitleaks detect --source . --config .gitleaks.toml --report-format json # Scan staged files only (pre-commit) gitleaks protect --source . --staged --repor...

Details

Author: a5c-ai
Repository: a5c-ai/babysitter
Created: 4 months ago
Last Updated: today
Language: JavaScript
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

secret-detection

Detect secrets in code, git history, and running containers — pre-commit hooks, CI scanning, and incident response for exposed credentials.

15 Updated today

sawrus

Code & Development Solid

secrets-gitleaks

Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern matching and entropy analysis. Use when: (1) Scanning repositories for exposed secrets and credentials, (2) Implementing pre-commit hooks to prevent secret leakage, (3) Integrating secret detection into CI/CD pipelines, (4) Auditing codebases for compliance violations (PCI-DSS, SOC2, GDPR), (5) Establishing baseline secret detection and tracking new exposures, (6) Remediating historical secret exposures in git history.

335 Updated today

aiskillstore

AI & Automation Featured

implementing-secret-scanning-with-gitleaks

This skill covers implementing Gitleaks for detecting and preventing hardcoded secrets in git repositories. It addresses configuring pre-commit hooks, CI/CD pipeline integration, custom rule authoring for organization-specific secrets, baseline management for existing repositories, and remediation workflows for exposed credentials.

13,115 Updated today

mukul975

Code & Development Listed

secrets-scanner

Detect and remediate leaked credentials in code and git-history — entropy/regex scanning with gitleaks/trufflehog/detect-secrets, rotate-first incident response, and pre-commit/CI gating to prevent reoccurrence.

4 Updated 1 weeks ago

roodlicht

DevOps & Infrastructure Featured

implementing-secrets-scanning-in-ci-cd

Integrate gitleaks and trufflehog into CI/CD pipelines to detect leaked secrets before deployment

13,115 Updated today

mukul975