Can I integrate Secret Scanner into my automation workflows?

Yes, the skill provides specific exit codes and a JSON output flag, making it ideal for automated security checks and CI/CD pipelines.

Do I need to install anything else for this skill to work?

Yes, Gitleaks must be installed on your system via Homebrew, Go, or Docker for the scanner to execute its checks.

How does the severity mapping work?

Findings are categorized into Critical, High, Medium, and Low based on the type of secret found, such as AWS keys being critical and generic tokens being medium.

What types of secrets can this skill detect?

Secret Scanner identifies AWS access keys, private certificates, passwords, API tokens, and generic credentials using the Gitleaks rule engine.

Does it support CWE standards?

Yes, it covers several CWE categories including CWE-798 (Hard-coded Credentials) and CWE-312 (Cleartext Storage of Sensitive Information).

Secret Scanner

Name: Secret Scanner
Author: naporin0624

bynaporin0624

•

Security & Testing

Scans git repositories for hardcoded secrets, credentials, and API keys to prevent security breaches and data leaks.

Secret Scanner is a specialized security utility that integrates Gitleaks into Claude Code to identify sensitive information within your codebase. It automates the detection of AWS keys, private certificates, and passwords, providing structured reports that include severity levels, specific file locations, and remediation steps. By mapping findings to Common Weakness Enumeration (CWE) standards, this skill helps developers maintain rigorous security posture and ensure that proprietary credentials never reach public repositories or production environments.

Key Features

01Direct mapping to CWE-798, CWE-259, and other security standards

02Support for JSON output and system readiness checks

03Comprehensive reporting with severity levels from low to critical

04Automated detection of API keys, passwords, and private credentials using Gitleaks

05Detailed finding metadata including commit history, author, and line numbers

062 GitHub stars

Use Cases

01Scanning legacy repositories for hardcoded passwords and tokens

02Generating security compliance reports for git-based projects

03Conducting pre-commit security audits to prevent credential leaks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add naporin0624/claude-web-audit-plugins secret-scanner

For use in Claude.ai and ChatGPT

Download Skill