check-secrets
CommunityDetect and block committed secrets
Authormattbobambrose
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Prevents accidental exposure of secrets by discovering sensitive files in the working tree and in git history, identifying tracked secrets that require removal, and ensuring sensitive file patterns are excluded via .gitignore so secrets are not committed in the future.
Core Features & Use Cases
- Repository-wide secret discovery: Glob-based scans for .env files, key files, credentials, and other common secret patterns across the working tree.
- Tracking and history analysis: Uses git ls-files to detect currently tracked secrets and git log searches to find historical exposures.
- Remediation and prevention: Updates root .gitignore safely for uncovered patterns and optionally installs a POSIX pre-commit hook to block future secret commits.
- Use Case: Run before open-sourcing a project or releasing to ensure no secrets are tracked or historically exposed and to add automated checks for future commits.
Quick Start
Run the check-secrets skill to scan the repository for tracked or historical secrets, append missing patterns to .gitignore, and optionally install a POSIX pre-commit hook to block future secret commits.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: check-secrets Download link: https://github.com/mattbobambrose/mattbobambrose-claude-skills/archive/main.zip#check-secrets Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.