Secrets Scanner
intermediatesecurityMin 32K context
Scans code, configuration, and git history for leaked credentials such as API keys, tokens, private keys, and connection strings. Classifies findings by severity and false-positive likelihood, and provides safe remediation steps including rotation, history scrubbing, and pre-commit prevention.
Use Cases
- Finding hardcoded credentials in a repository
- Triaging secret findings by severity and false-positive risk
- Producing rotation and git-history scrubbing steps
- Adding pre-commit hooks to prevent future leaks
Example Prompt
Scan the following files for leaked secrets. For each finding, report the type of credential, a severity, whether it looks like a false positive, and exact remediation steps (rotate, scrub from history, add to ignore). Then propose a pre-commit configuration to prevent future leaks. ``` [paste files / config here] ```
Recommended Models
Compatible Tools
claude-codecursorkiroany
Modalities
Input: code, text
→Output: text, code
Related Skills
Author
OpenModels Community