Can this skill prevent secrets from being pushed to GitHub?

Yes, by running the scanner locally through Claude Code before you commit changes, you can identify and remove secrets before they ever reach your remote repository.

What should I do if the scanner finds a secret?

The skill provides a detailed report with remediation steps, which typically include revoking the compromised key, updating your .gitignore, and moving the secret to a secure environment variable or vault.

How does the Secret Scanner find hidden keys?

The skill uses a combination of regex pattern matching for known service signatures and entropy analysis to detect high-randomness strings that are likely to be unique credentials.

Which file types does the scanner check?

It scans all text-based files in your repository, specifically targeting configuration files like .env, .yaml, .json, and .xml where secrets are commonly misplaced.

Secret Scanner & Credential Guard

Name: Secret Scanner & Credential Guard
Author: BbgnsurfTech

byBbgnsurfTech

•

安全与测试

Scans codebases for exposed API keys, passwords, and sensitive credentials using pattern matching and entropy analysis to prevent security breaches.

The Secret Scanner skill provides an automated way to audit your codebase for sensitive information before it reaches production or version control. By utilizing advanced pattern matching for known providers and entropy analysis for unique strings, it identifies hardcoded secrets such as AWS keys, database credentials, and private keys. It generates detailed reports with precise file locations and actionable remediation steps, making it an essential tool for maintaining high security standards during the AI-assisted development process.

主要功能

01Entropy analysis to identify non-standard random keys and high-risk strings

023 GitHub stars

03Pattern-based detection for major cloud providers like AWS, GCP, and Azure

04Automated scanning of configuration files, scripts, and environment variables

05Detailed reporting including file paths and specific remediation advice

06Proactive vulnerability detection before commits or deployments

使用场景

01Identifying accidentally committed AWS or Google Cloud API keys in source code

02Auditing legacy configuration files for hardcoded database passwords

03Scanning local repositories for private keys (SSH/PGP) before pushing to public platforms

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection skill-adapter

For use in Claude.ai and ChatGPT

Download Skill