Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern matching and entropy analysis. Use when: (1) Scanning repositories for exposed secrets and credentials, (2) Implementing pre-commit hooks to prevent secret leakage, (3) Integrating secret detection into CI/CD pipelines, (4) Auditing codebases for compliance violations (PCI-DSS, SOC2, GDPR), (5) Establishing baseline secret detection and tracking new exposures, (6) Remediating historical secret exposures in git history.
Inherits all available tools
Additional assets for this skill
This skill inherits all available tools. When active, it can use any tool Claude has access to.
assets/config-balanced.tomlassets/config-custom.tomlassets/config-strict.tomlassets/github-action.ymlassets/gitlab-ci.ymlassets/precommit-config.yamlreferences/EXAMPLE.mdreferences/compliance_mapping.mdreferences/detection_rules.mdreferences/false_positives.mdreferences/remediation_guide.md