How does it handle false positives like example keys?

The scanner is configured to ignore common placeholders and test files. You can also provide custom exclusion patterns via the command line to skip specific files or directories.

Is this a replacement for CI/CD secret scanning?

It is a powerful developer-centric tool for local workflows, but it should be used as a supplement to, not a replacement for, comprehensive CI/CD security pipelines.

Does it modify my source files automatically?

No, the skill identifies secrets and alerts you. You must manually replace them with environment variables or placeholders before re-running the packaging command.

What types of secrets can this skill detect?

It detects a wide range of credentials including AWS keys, Stripe tokens, OpenAI API keys, JWTs, database URLs, and generic API key patterns.

Can I use the scanner without packaging the code?

Yes, the skill includes a standalone scanning script specifically for performing security audits without triggering the Repomix packaging process.

Repomix Safe Mixer

Name: Repomix Safe Mixer
Author: daymade

bydaymade

•

147

•

Security & Testing

Protects sensitive data by automatically detecting and removing hardcoded credentials before packaging codebases with Repomix.

Repomix Safe Mixer is a security-focused Claude Code skill designed to prevent the accidental exposure of sensitive information when bundling code for distribution or AI analysis. By integrating a robust secret scanner into the Repomix workflow, it identifies API keys, database credentials, and tokens across various cloud providers and services. It provides a comprehensive workflow that blocks packaging if secrets are detected, ensuring that every generated bundle is audited and sanitized for safe sharing or LLM context ingestion.

Key Features

01Standalone security auditing for pre-commit checks and manual code reviews.

02Detailed reporting with precise file and line-number locations for detected secrets.

03147 GitHub stars

04Configurable exclusion patterns to skip test files and handle false positives.

05Automated credential scanning for AWS, Stripe, OpenAI, and 20+ other services.

06Safe-pack workflow that blocks file generation if sensitive data is found.

Use Cases

01Creating safe, shareable reference packages for public repositories or documentation.

02Sanitizing a codebase before sharing it with Claude or other LLMs for debugging.

03Running automated security audits before committing code to version control.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add daymade/claude-code-skills repomix-safe-mixer

For use in Claude.ai and ChatGPT

Download Skill