From syncable-cli-skills
Scans codebases for leaked secrets (API keys, tokens, passwords, private keys), insecure code patterns, and configuration issues. Returns severity-rated findings with file locations and remediation steps.
Slash command
/syncable-cli-skills:syncable-security
Scan a codebase for leaked secrets (API keys, tokens, passwords, private keys), insecure code patterns, and configuration issues. Returns findings with severity, file locations, and remediation.
Always pass --mode explicitly:
| Mode | When to use |
|---|---|
| lightning | Quick check, critical files only (.env, configs) |
| fast | Smart sampling, large repos during development |
| balanced | Default. Good coverage with optimizations |
| thorough | Pre-deployment, PR security reviews |
| paranoid | Compliance audits, production reviews |
| Flag | Purpose |
|---|---|
| --mode <MODE> | Scan depth (always specify) |
| --agent | Compressed output (always use) |
| --include-low | Include low-severity findings |
| --no-secrets | Skip secrets detection (code patterns only) |
| --no-code-patterns | Skip code patterns (secrets only) |
| --fail-on-findings | Exit with error code if findings exist (CI) |
| --output <FILE> | Write report to file |
sync-ctl security <PATH> --mode balanced --agent
Success criteria: JSON output with summary containing severity counts.
Priority order: critical findings (leaked secrets) > high (insecure patterns) > summary score > remediation steps.
Compressed output only includes critical + first 10 high findings. Medium/low are counts only. Use retrieve for details:
sync-ctl retrieve <ref_id> --query "severity:medium"
sync-ctl retrieve <ref_id> --query "file:src/auth.rs"
sync-ctl retrieve <ref_id> --query "code:hardcoded-secret"
Results are paginated (default 20). Use --limit N --offset M for more.
Available queries: severity:critical|high|medium|low|info, file:<path>, code:<id>
| Error | Action |
|---|---|
| No such file or directory | Ask user to verify path |
| Very slow scan | Suggest balanced or fast mode instead |
| No findings with lightning/fast | Re-run with balanced for deeper coverage |
npx claudepluginhub syncable-dev/syncable-cli --plugin syncable-cli-skills