/scan-secrets

704

Description

Scan for exposed secrets and credentials in codebase

Install

Add the repository(one-time)

/plugin marketplace add jeremylongshore/claude-code-plugins-plus

Install the plugin

/plugin install secret-scanner@claude-code-plugins-plus

Prompt Preview

# Secret Scanner

Scan codebase for exposed secrets, API keys, passwords, tokens, and sensitive credentials that should not be committed to version control.

## Detection Methods

1. **Pattern Matching**
   - API keys (AWS, Google, Azure, Stripe, etc.)
   - Private keys (RSA, SSH, PGP)
   - Database credentials
   - OAuth tokens
   - JWT tokens
   - Passwords in configuration files

2. **Entropy Analysis**
   - High-entropy strings (base64, hex)
   - Random-looking strings that may be secrets
   - Cryptographic keys

3. **Common Mistakes**
   - Hardcoded credentials in source code
   - Cred...