Can I use this in my existing pre-commit workflow?

Yes, it provides configuration patterns for .pre-commit-config.yaml to integrate detect-secrets seamlessly into your current development process.

What should I do if a secret has already been pushed to Git history?

The skill includes emergency remediation steps, including immediate secret rotation and history cleanup using tools like git-filter-repo.

How does this skill detect secrets?

It uses the detect-secrets tool to scan files for high-entropy strings and known patterns matching API keys, OAuth tokens, passwords, and private keys.

What happens if a false positive is detected?

You can use the baseline management features to audit findings and mark specific items as safe by updating the .secrets.baseline file.

Does it scan all files or just changes?

It supports both full repository scans and staged-only scans, allowing you to validate your entire history or just the files about to be committed.

Git Security Checks

Name: Git Security Checks
Author: laurigates

bylaurigates

•

セキュリティとテスト

Automates secret detection and security validation in Git workflows to prevent credential leaks before they are committed.

This skill provides expert guidance and automated workflows for securing Git repositories using detect-secrets and pre-commit hooks. It enables developers to scan for hardcoded API keys, tokens, and private keys, manage security baselines to handle false positives, and implement robust pre-commit validation. Whether setting up a new security scan pipeline or cleaning up accidentally leaked credentials from Git history, this skill offers the specific bash commands and best practices required to maintain a secure and compliant codebase.

主な機能

01Integration with pre-commit hooks for mandatory security validation

02Automated secret detection for API keys, tokens, and private keys

03Customizable scan parameters and file exclusion patterns

04Baseline management for tracking and auditing false positives

053 GitHub stars

06Step-by-step remediation workflows for leaked credentials

ユースケース

01Implementing a pre-commit security gate to prevent accidental credential commits

02Auditing existing repositories for hardcoded secrets and high-entropy strings

03Automating security scans within CI/CD pipelines to ensure ongoing compliance

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add laurigates/claude-plugins git-security-checks

For use in Claude.ai and ChatGPT

Download Skill