orbit-sec-secrets-leak

Community

Detect hardcoded secrets in WordPress plugins.

Authoradityaarsharma
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill scans WordPress plugin codebases and git histories for hardcoded secrets, such as API keys, OAuth tokens, and password hashes, helping prevent security breaches.

Core Features & Use Cases

  • Secret Detection: Identifies hardcoded secrets in the codebase and git history.
  • Regex Detection: Uses regex patterns to identify common API key formats.
  • Entropy Detection: Identifies strings with high entropy that are likely secrets.
  • Git History Scan: Checks for secrets in the full git history, including committed and reverted ones.
  • Quick Start: Offers a simple command to start scanning a plugin's codebase.

Quick Start

Use the gitleaks detect --source ~/plugins/my-plugin --verbose command to scan the codebase.

Dependency Matrix

Required Modules

gitleaks

Components

scriptsreferences

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: orbit-sec-secrets-leak
Download link: https://github.com/adityaarsharma/orbit/archive/main.zip#orbit-sec-secrets-leak

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.