Can I run this on a whole directory?

Absolutely. You can use the command /sensitive-content-scanner [path] to scan entire projects, and it will automatically respect your .gitignore rules.

Does this skill detect custom API keys?

Yes, you can define specific patterns and prefixes in a personal context file for enhanced detection of proprietary secrets and internal service keys.

How do I customize what the scanner looks for?

You can create a ~/.claude/sensitive-content-context.md file to list your specific identifiers, private folder paths, and internal company codenames.

Is it safe for production use?

While highly effective at finding known patterns, it is a heuristic tool. We recommend using it as a primary safety check followed by a final human review for critical public releases.

Can I use this for automated scripts?

Yes, the skill includes a --json mode specifically designed for providing machine-readable output that can be piped into other automation tools.

Sensitive Content Scanner

Name: Sensitive Content Scanner
Author: dazuck

bydazuck

•

安全与测试

Scans repositories and local files for sensitive data like credentials, PII, and private paths before they are shared or published.

关于

The Sensitive Content Scanner is a robust security auditing tool designed to prevent accidental data leaks by identifying sensitive information within your codebase and configuration files. It systematically detects critical security risks such as API keys and private keys, alongside personal identifiers, internal URLs, and local system paths. By leveraging an optional personal context file, the skill provides tailored detection for your specific environment, ensuring that proprietary business terms and private folder structures remain confidential before you push to public repositories or share code snippets.

主要功能

Multi-layered detection for credentials, secrets, and environment variables
Programmable JSON output for integration with automation workflows
Supports directory-wide scans while respecting .gitignore rules
7 GitHub stars
Categorized findings with severity ratings and suggested remediation steps
Tailored scanning using a personal context file for PII and internal paths

使用场景

Performing automated safety checks to prevent PII leaks during operator workflows
Auditing a local repository before publishing it to a public GitHub organization
Sanitizing configuration files or dotfiles before sharing them with the community

关于

主要功能

Multi-layered detection for credentials, secrets, and environment variables
Programmable JSON output for integration with automation workflows
Supports directory-wide scans while respecting .gitignore rules
7 GitHub stars
Categorized findings with severity ratings and suggested remediation steps
Tailored scanning using a personal context file for PII and internal paths

使用场景

Performing automated safety checks to prevent PII leaks during operator workflows
Auditing a local repository before publishing it to a public GitHub organization
Sanitizing configuration files or dotfiles before sharing them with the community