Credential Handling Safety Reviewer
by LB Creations
Review scripts and docs for safer handling of passwords, tokens, keys, and sensitive values.
- Sanitize scripts and runbooks before merging into public or shared repos.
- Audit token rotation and scoping plans using synthetic examples.
- Generate remediation checklists for security-focused peer reviews.
$24.99
· or 125 creditsSecure checkout via Stripe
Included in download
- Sanitize scripts and runbooks before merging into public or shared repos.
- Audit token rotation and scoping plans using synthetic examples.
- terminal automation included
- Ready for Codex CLI
Sample input
Please review this redacted bash script for any sensitive value handling issues and suggest safer patterns for the API token and tenant ID.
Sample output
Hygiene Verdict: NEEDS CHANGES
- Risk: Token passed as environmental variable in script; visible in 'ps' output.
- Fix: Replace with 'security find-generic-password' lookup.
- Redaction: Line 14 contains a hardcoded placeholder that resembles a production tenant ID. Use UUID variable.
Review scripts and docs for safer handling of passwords, tokens, keys, and sensitive values.
$24.99
· or 125 creditsSecure checkout via Stripe
Included in download
- Sanitize scripts and runbooks before merging into public or shared repos.
- Audit token rotation and scoping plans using synthetic examples.
- terminal automation included
- Ready for Codex CLI
- Instant install
Sample input
Please review this redacted bash script for any sensitive value handling issues and suggest safer patterns for the API token and tenant ID.
Sample output
Hygiene Verdict: NEEDS CHANGES
- Risk: Token passed as environmental variable in script; visible in 'ps' output.
- Fix: Replace with 'security find-generic-password' lookup.
- Redaction: Line 14 contains a hardcoded placeholder that resembles a production tenant ID. Use UUID variable.
Screenshots
About This Skill
Defensive review for sensitive-value handling
Credential Handling Safety Reviewer reviews scripts, runbooks, and configuration notes for safer handling of passwords, tokens, keys, and other sensitive values.
What it checks
- Sensitive values placed in scripts, tickets, docs, or config snippets.
- Prompt and variable patterns that may appear in logs, shell history, process listings, or temporary files.
- Keychain and secret-store assumptions from redacted examples.
- Token lifecycle notes covering scope, owner, expiration, rotation, and revocation planning.
- Support log cleanup guidance that preserves troubleshooting value.
Boundaries
Use redacted or synthetic examples. This skill does not collect, validate, store, transmit, or request live passwords, API tokens, recovery keys, private tenant values, or private customer data.
Output
You get a hygiene verdict, redaction notes, safer handling patterns, token lifecycle checklist, and peer-review remediation notes.
Use Cases
- Sanitize scripts and runbooks before merging into public or shared repos.
- Audit token rotation and scoping plans using synthetic examples.
- Generate remediation checklists for security-focused peer reviews.
- Protect diagnostic logs by removing sensitive user or tenant identifiers.
Known Limitations
- Cannot detect if a placeholder is actually a live secret.
- No real-time integration with secret managers.
- Limited to static analysis of scripts and text.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/credential-handling-safety-reviewer -o /tmp/credential-handling-safety-reviewer.zip && unzip -o /tmp/credential-handling-safety-reviewer.zip -d ~/.claude/skills && rm /tmp/credential-handling-safety-reviewer.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
No runtime dependencies. Works with SKILL.md-compatible agents including Claude Code, Codex CLI, Cursor, VS Code Copilot, Gemini CLI, and OpenClaw. Use redacted or synthetic examples; do not paste live passwords, API tokens, recovery keys, private tenant values, or customer data.
Creator
LB designs and builds autonomous AI systems optimized for local deployment. Specializing in distributed inference fleets, multi-model orchestration, and agent-native tooling, everything runs on your hardware, zero API fees.
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
Multi-Agent Orchestration Master Library
Transform Claude Code into a coordinated multi-agent system. Battle-tested tmux orchestration patterns, YAML task queues, event-driven communication, and parallel worker management for 8+ agents.
cinematic-sites
Turn any basic business URL into a high-end cinematic landing page with AI-generated 4K assets and GSAP animations.
endless-loop
Autonomous research and task loop that builds on previous findings to solve complex objectives while you sleep.
skill-router-2
Automatically detect, load, and stack the perfect skills combo for any user request.