Does it automatically fix the issues found?

While it identifies leaks, it requires user confirmation via the --fix argument to interactively remediate issues by deleting, moving to env vars, or adding to gitignore.

What types of secrets can this skill detect?

It identifies a wide range of credentials including passwords, API keys, AWS access tokens, database connection strings, private keys, and authentication tokens.

Does it scan ignored files?

By default, the skill scans all git-tracked files. It intelligently skips environment variable references like process.env and obvious placeholders.

How does the Secrets Scanner handle large repositories?

The skill automatically splits the file list into ten equal chunks and processes them in parallel using sub-agents to ensure high performance even in large projects.

Where are the scan results stored?

Detailed findings and a full inventory of scanned files are saved as a timestamped Markdown report within the .claude/reports directory of your repository.

Secrets Scanner

Name: Secrets Scanner
Author: kochetkov-ma

bykochetkov-ma

•

安全与测试

Scans git-tracked files for leaked credentials and hardcoded secrets to ensure repository security.

The Secrets Scanner is a high-performance security utility for Claude Code designed to detect sensitive information within a Git repository. It leverages parallel processing with ten specialized agents to rapidly audit files for passwords, API keys, AWS credentials, and database connection strings. By categorizing findings by criticality and providing a comprehensive markdown report, it helps developers identify vulnerabilities before they are exploited. The skill also features an interactive fix mode to help automate remediation through environment variable migration or .gitignore updates, making it an essential tool for maintaining secure development standards.

主要功能

01Predefined detection patterns for API keys, AWS tokens, and DB URLs

02Multi-level criticality categorization from Low to Critical findings

03Parallel scanning with 10 concurrent agents for rapid repository audits

04Interactive remediation mode for fixing, ignoring, or moving secrets

05Automated generation of detailed Markdown reports in .claude/reports

0616 GitHub stars

使用场景

01Standardizing security compliance checks within AI-driven dev workflows

02Cleaning up legacy repositories containing hardcoded sensitive data

03Performing pre-commit security audits to prevent accidental credential leaks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add kochetkov-ma/claude-brewcode secrets-scan

For use in Claude.ai and ChatGPT

Download Skill