Protect repositories from accidental secret commits. Essential when working with AI agents. Use when: setting up new project, adding pre-commit hooks, scanning for secrets, fixing leaked credentials. Triggers: "настрой защиту секретов", "setup secrets", "check secrets", "scan secrets", "проверь секреты", "pre-commit", "gitleaks". PROACTIVELY suggest when creating new projects or when .pre-commit-config.yaml is missing.
/plugin marketplace add timequity/vibe-coder/plugin install vibe-coder@vibe-coderThis skill inherits all available tools. When active, it can use any tool Claude has access to.
assets/gitignore-secretsassets/pre-commit-config.yamlassets/security-workflow.yamlreferences/setup-guide.mdreferences/tools-reference.mdMulti-layered protection against accidental secret commits. Critical for AI-assisted development where agents may not recognize sensitive data.
For new projects, run this setup:
# 1. Check if pre-commit is installed
which pre-commit || pip install pre-commit
# 2. Copy pre-commit config from assets
# See assets/pre-commit-config.yaml
# 3. Create secrets baseline
echo '{"version": "1.5.0", "results": {}}' > .secrets.baseline
# 4. Install hooks
pre-commit install
pre-commit install --hook-type pre-push
# 5. Verify .gitignore has secret patterns
# See assets/gitignore-secrets
When user says "настрой защиту секретов" or "setup secrets protection":
ls -la .pre-commit-config.yaml .secrets.baseline .gitignore 2>/dev/null
If .pre-commit-config.yaml missing:
assets/pre-commit-config.yamlCheck .gitignore for secret patterns:
grep -E "\.env|\.key|API_KEY|secret" .gitignore
assets/gitignore-secretsecho '{"version": "1.5.0", "results": {}}' > .secrets.baseline
pre-commit install
pre-commit install --hook-type pre-push
assets/security-workflow.yaml to .github/workflows/When user says "проверь секреты" or "check secrets":
# Quick scan with gitleaks
gitleaks detect --no-git -v
# Detailed scan with detect-secrets
detect-secrets scan --all-files
Report findings and suggest fixes.
When secret is detected:
Identify the secret type (API key, password, private key, etc.)
Suggest remediation:
.env file (ensure it's in .gitignore)os.environ.get("API_KEY").secrets.baselineIf already committed:
For false positives, update the baseline:
detect-secrets scan --baseline .secrets.baseline
IMPORTANT: When working in any project, check for secret protection:
# Quick check
if [ ! -f .pre-commit-config.yaml ]; then
echo "WARNING: No pre-commit config found"
fi
If missing, ask user: "В проекте нет защиты от утечки секретов. Настроить?"
Copy these to project as needed:
assets/pre-commit-config.yaml - Pre-commit hooks configurationassets/gitignore-secrets - Patterns to add to .gitignoreassets/security-workflow.yaml - GitHub Actions CI workflowThis skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.