secrets-gitleaks

Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern matching and entropy analysis. Use when: (1) Scanning repositories for exposed secrets and credentials, (2) Implementing pre-commit hooks to prevent secret leakage, (3) Integrating secret detection into CI/CD pipelines, (4) Auditing codebases for compliance violations (PCI-DSS, SOC2, GDPR), (5) Establishing baseline secret detection and tracking new exposures, (6) Remediating historical secret exposures in git history.

Code & Development 335 stars 29 forks Updated today

Quality Score: 85/100

Stars (20%): 84
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 80
License (10%): 0
Description (5%): 100

Skill Content

# Secrets Detection with Gitleaks

## Overview

Gitleaks is a secret detection tool that scans git repositories, files, and directories for hardcoded credentials including passwords, API keys, tokens, and other sensitive information. It uses regex-based pattern matching combined with Shannon entropy analysis to identify secrets that could lead to unauthorized access if exposed.

This skill provides comprehensive guidance for integrating Gitleaks into DevSecOps workflows, from pre-commit hooks to CI/CD pipelines, with emphasis on preventing secret leakage before code reaches production.

## Quick Start

Scan current repository for secrets:

```bash
# Install gitleaks
brew install gitleaks  # macOS
# or: docker pull zricethezav/gitleaks:latest

# Scan current git repository
gitleaks detect -v

# Scan specific directory
gitleaks detect --source /path/to/code -v

# Generate report
gitleaks detect --report-path gitleaks-report.json --report-format json
```

## Core Workflows

### 1. Repository Scanning

Scan existing repositories to identify exposed secrets:

```bash
# Full repository scan with verbose output
gitleaks detect -v --source /path/to/repo

# Scan with custom configuration
gitleaks detect --config .gitleaks.toml -v

# Generate JSON report for further analysis
gitleaks detect --report-path findings.json --report-format json

# Generate SARIF report for GitHub/GitLab integration
gitleaks detect --report-path findings.sarif --report-format sarif
```

**When to use**: Initi...

Details

Author: aiskillstore
Repository: aiskillstore/marketplace
Created: 5 months ago
Last Updated: today
Language: Python
License: None
