Skills
.Work. You
Rest

x-scan-secrets

Community

Scan code for leaked secrets and output SARIF.

Software Engineering#security#codebase#secrets#scan#gitleaks#trufflehog#sarif
Authoredercnj
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Detect leaked secrets in codebases and Git history, helping teams prevent credential leakage and compliance risks.

Core Features & Use Cases

  • Detects API keys, tokens, passwords, and other secrets in current code and historical commits using popular scanners (gitleaks/trufflehog).
  • Produces SARIF 2.1.0 output for integration with CI and code scanning tools, with optional baseline support to exclude known false positives.
  • Supports scope options to scan current working tree, history, or both, enabling targeted security reviews in CI pipelines.

Quick Start

Run the secret-scan command against your project root to generate a SARIF report and scoring results.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: x-scan-secrets
Download link: https://github.com/edercnj/ia-dev-environment/archive/main.zip#x-scan-secrets

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.