Secrets Scanner

intermediatesecurityMin 32K context

Scans code, configuration, and git history for leaked credentials such as API keys, tokens, private keys, and connection strings. Classifies findings by severity and false-positive likelihood, and provides safe remediation steps including rotation, history scrubbing, and pre-commit prevention.

Use Cases

  • Finding hardcoded credentials in a repository
  • Triaging secret findings by severity and false-positive risk
  • Producing rotation and git-history scrubbing steps
  • Adding pre-commit hooks to prevent future leaks

Example Prompt

Scan the following files for leaked secrets. For each finding, report the type of credential,
a severity, whether it looks like a false positive, and exact remediation steps (rotate,
scrub from history, add to ignore). Then propose a pre-commit configuration to prevent
future leaks.

```
[paste files / config here]
```

Recommended Models

Compatible Tools

claude-codecursorkiroany

Modalities

Input: code, text
Output: text, code

Related Skills

Author

OpenModels Community

@openmodelsrun