Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern matching and entropy analysis. Use when: (1) Scanning repositories for exposed secrets and credentials, (2) Implementing pre-commit hooks to prevent secret leakage, (3) Integrating secret detection into CI/CD pipelines, (4) Auditing codebases for compliance violations (PCI-DSS, SOC2, GDPR), (5) Establishing baseline secret detection and tracking new exposures, (6) Remediating historical secret exposures in git history.
/plugin marketplace add AgentSecOps/SecOpsAgentKit/plugin install appsec-skills@agent-sec-ops-kit-skillsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
assets/config-balanced.tomlassets/config-custom.tomlassets/config-strict.tomlassets/github-action.ymlassets/gitlab-ci.ymlassets/precommit-config.yamlreferences/EXAMPLE.mdreferences/compliance_mapping.mdreferences/detection_rules.mdreferences/false_positives.mdreferences/remediation_guide.mdBuild comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.