sast-hardcodedsecrets
CommunityFind hardcoded secrets in public code.
Software Engineering#client-side#vulnerability-detection#hardcoded-secrets#security-scanning#code-security#public-code
Authorutkusen
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Detects hardcoded sensitive data (API keys, tokens, private keys, and passwords) that are exposed in publicly accessible code, helping teams locate credential leaks before they are exploited.
Core Features & Use Cases
- Three-phase detection: recon, batched verify, and merge to surface authentic secrets in code bases across frontend, mobile, and server-linked projects.
- Outputs to sast/hardcodedsecrets-recon.md during Recon and to sast/hardcodedsecrets-results.md after Phase 3
- Prerequisites: sast/architecture.md must exist to map software stack and determine frontend vs backend exposure.
Quick Start
Initiate the recon phase to identify candidate secrets and review the resulting sast/hardcodedsecrets-recon.md to begin verification.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: sast-hardcodedsecrets Download link: https://github.com/utkusen/sast-skills/archive/main.zip#sast-hardcodedsecrets Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.