Can it help with GDPR and PII compliance?

Yes, it identifies patterns where sensitive PII like email addresses, credit card numbers, or SSNs are being logged in plaintext or exposed in URLs.

How does it handle different levels of security risks?

The skill uses a severity classification system ranging from Minor (sensitive comments) to Critical (hardcoded production credentials) to help prioritize fixes.

Does it provide suggestions for fixing security issues?

Yes, it offers best practice guidance and code examples for using environment variables, data masking, and secure error handling.

What types of secrets can this skill detect?

It detects a wide range of secrets including database passwords, Stripe API keys, AWS credentials, JWT secrets, and private RSA/EC keys.

Sensitive Data Security Scanner

Name: Sensitive Data Security Scanner
Author: dykyi-roman

bydykyi-roman

•

보안 및 테스팅

Analyzes PHP codebases to identify and remediate sensitive data exposure, including secrets, credentials, and PII.

The check-sensitive-data skill provides an automated security audit layer for PHP applications by detecting common patterns of sensitive data exposure. It scans for hardcoded passwords, API keys, credentials committed to version control, and personally identifiable information (PII) leaked in logs, URLs, or error messages. By utilizing specific detection patterns and severity classifications, it helps developers implement secure environment variables, data masking, and robust error handling to prevent critical security breaches before deployment.

주요 기능

01Scans for sensitive configuration files and backups in version control

0245 GitHub stars

03Detects hardcoded credentials, API keys, and JWT secrets in PHP code

04Highlights debug information and sensitive comments left in production code

05Flags insecure data storage and weak encryption implementations

06Identifies PII exposure in application logs and API response data

사용 사례

01Ensuring PII compliance by checking logging and error-handling logic

02Conducting automated security audits during the CI/CD pipeline

03Reviewing legacy PHP codebases for hidden hardcoded credentials

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add dykyi-roman/awesome-claude-code check-sensitive-data

For use in Claude.ai and ChatGPT

Download Skill