Back to Marketplaces

agent-security Marketplace - Claude Code Plugins | ClaudePluginHub

Marketplace

agent-security

Security plugins for Claude Code and Cursor: secret scanning and safe coding patterns

Component Overview

0

Commands

0

Agents

0

Skills

1

Hooks

0

MCP Servers

0

LSP Servers

0

Output Styles

Install

$

npx claudepluginhub mintmcp/agent-security

README

1 Plugin

secrets-scanner

56

Scans for common credential formats across cloud, source control, payment, and collaboration providers

6mo

v0.1.14

Related Marketplaces

antigravity-awesome-skills

Claude Code marketplace entries for the plugin-safe Antigravity Awesome Skills library and its compatible editorial bundles.

claude-code-workflows

Production-ready workflow orchestration with 79 focused plugins, 184 specialized agents, and 150 skills - optimized for granular installation and minimal token usage

voltagent-subagents

Curated collection of 141 specialized Claude Code subagents organized into 10 focused categories

Stats

Plugins1

Stars56

UpdatedJan 1, 2026

Links

View on GitHub View Marketplace JSON

Categories

Text changing depending on mode. Light: 'So light!' Dark: 'So dark!'

Security plugins for Claude Code and Cursor

This repository currently provides a secrets scanner plugin.

Motivation

Coding agents are powerful, but we've repeatedly seen them read and propagate sensitive data during everyday work. That can be acceptable for casual "vibe coding" experiments, but it's not acceptable for production software engineering. We built this to make accidental leakage much harder: a standalone, local-first scanner with minimal footprint (no external dependencies, regex-only), running as editor/agent hooks entirely on your machine, and easy to set up so teams can adopt it without friction.

Claude Secret Scan demo

Install

Claude Code Plugin Marketplace

Install via the Claude Code plugin marketplace:

/plugin marketplace add mintmcp/agent-security
/plugin install secrets-scanner@agent-security

PyPI (manual hooks)

pipx install claude-secret-scan
# or
python3 -m pip install --user claude-secret-scan

Add hooks to ~/.claude/settings.json if using PyPI:

{
  "hooks": {
    "UserPromptSubmit": [
      {"hooks": [{"type": "command", "command": "claude-secret-scan --mode=pre"}]} 
    ],
    "PreToolUse": [
      {"matcher": "Read|read", "hooks": [{"type": "command", "command": "claude-secret-scan --mode=pre"}]}
    ],
    "PostToolUse": [
      {"matcher": "Read|read", "hooks": [{"type": "command", "command": "claude-secret-scan --mode=post"}]},
      {"matcher": "Bash|bash", "hooks": [{"type": "command", "command": "claude-secret-scan --mode=post"}]}
    ]
  }
}

Cursor

Copy examples/configs/cursor-hooks.json to ~/.cursor/hooks.json or configure similarly:

{
  "version": 1,
  "hooks": {
    "beforeReadFile": [{"command": "cursor-secret-scan --mode=pre"}],
    "beforeSubmitPrompt": [{"command": "cursor-secret-scan --mode=pre"}]
  }
}

Repository Layout

.
├── .claude-plugin/
│   └── marketplace.json
├── plugins/
│   └── secrets_scanner/
│       ├── .claude-plugin/
│       │   └── plugin.json
│       ├── hooks/
│       │   ├── hooks.json
│       │   └── secrets_scanner_hook.py
│       ├── tests/
│       │   └── read_hook_test.py
│       ├── TESTING.md
│       └── README.md
├── examples/
│   └── configs/
├── pyproject.toml
└── README.md

Notes

Pre hooks block when secrets are detected. Post hooks print warnings.
No external dependencies. The scanner uses only Python's built-in regexes and simple pattern matching.
Runs completely locally. No code, prompts, or files leave your system.
Curious how it works? See plugins/secrets_scanner/hooks/secrets_scanner_hook.py for the core implementation and patterns.
No telemetry by default. For org-wide visibility and governance (dashboards, metrics, alerting), see https://mintmcp.com.

License

Apache License 2.0. See LICENSE.

Acknowledgements

Regex patterns were informed by or adapted from detect-secrets (Apache 2.0).