From secret-scanner
Scans codebase for exposed secrets, API keys, passwords, and tokens using pattern matching, entropy analysis, and git history. Reports location, type, severity, and remediation steps.
How this command is triggered — by the user, by Claude, or both
Slash command
/secret-scanner:scan-secretsThe summary Claude sees in its command listing — used to decide when to auto-load this command
# Secret Scanner Scan codebase for exposed secrets, API keys, passwords, tokens, and sensitive credentials that should not be committed to version control. ## Detection Methods 1. **Pattern Matching** - API keys (AWS, Google, Azure, Stripe, etc.) - Private keys (RSA, SSH, PGP) - Database credentials - OAuth tokens - JWT tokens - Passwords in configuration files 2. **Entropy Analysis** - High-entropy strings (base64, hex) - Random-looking strings that may be secrets - Cryptographic keys 3. **Common Mistakes** - Hardcoded credentials in source code - Cred...
Scan codebase for exposed secrets, API keys, passwords, tokens, and sensitive credentials that should not be committed to version control.
Pattern Matching
Entropy Analysis
Common Mistakes
File Type Analysis
Generate detailed secret exposure report with:
For exposed secrets:
16plugins reuse this command
First indexed Dec 31, 2025
Showing the 6 earliest of 16 plugins
npx claudepluginhub fleet-to-force/claude-code-plugins-plus --plugin secret-scanner/scan-secretsScans codebase for exposed secrets, API keys, passwords, and tokens using pattern matching, entropy analysis, and git history. Reports location, type, severity, and remediation steps.
/secret-scanScans codebase and git history for hardcoded secrets, API keys, credentials, and sensitive config values. Masks findings and categorizes them as LIVE, EXAMPLE, or HISTORY leaks.
/secrets-scanScans the codebase for leaked secrets, API keys, tokens, and credentials, reporting severity and suggesting remediation.
/securityScans code for exposed secrets and vulnerabilities via the github-autopilot MCP server, reporting risk level, severity, and fixes with redacted secrets.
/harden-credentialsScan for leaked secrets, set up pre-commit hooks, and harden credential hygiene