2

    Secret Leak Guard

    by karim hammoumi

    Locally scan your repository for leaked API keys, tokens, and secrets before committing or publishing code.

    Updated May 2026
    0 installs

    Free

    One-time purchase

    ⚡ Also available via Agensi MCP — your AI agent can load this skill on demand via MCP. Learn more →

    Included in download

    • Downloadable skill package
    • 1 permission declared
    • Instant install

    See it in action

    Found 2 potential secrets:
- .env:7 | AWS_SECRET_KEY | [REDACTED_AKIA...]
- src/config.js:12 | Stripe API Key | [REDACTED_sk_test...]
Total findings: 2. Please rotate these credentials before pushing.

    About This Skill

    What it does

    Secret Leak Guard provides a high-performance, local-first scanning layer to prevent credentials, API keys, and sensitive tokens from ever leaving your machine. It identifies high-entropy strings and known secret patterns within your codebase before they are pushed to remote repositories.

    Why use this skill

    Relying on generic LLM prompts for security is risky; they can miss subtle patterns or fail to prioritize leaked data correctly. This skill automates the detection process with precision, providing masked findings to ensure the AI agent itself doesn't inadvertently log the full secret. It is essential for maintaining compliance and preventing 0-day credential leaks.

    Supported Environment

    • Works across any local directory or Git repository
    • Supports modern development environments like Cursor, Claude Code, and VS Code
    • Optional JSON output for integration into CI/CD pipelines or custom developer workflows
    • Zero network calls for scanning, ensuring complete data privacy

    The Output

    You receive a clean, actionable report of potential leaks, categorized by file and line number, with sensitive values safely masked for review.

    📖 Learn more: Best DevOps & Deployment Skills for Claude Code →

    Use Cases

    • Prevent accidental exposure of API keys and credentials in public repos
    • Audit local projects for hardcoded secrets before deployment
    • Generate structured reports of sensitive data findings in JSON format
    • Enforce security compliance during the local development lifecycle

    Reviews

    No reviews yet — be the first to share your experience.

    Only users who have downloaded or purchased this skill can leave a review.

    Security Scanned

    Passed automated security review

    Permissions

    Terminal / Shell

    File Scopes

    secret-leak-guard/**

    Tags

    security
    devops
    git-hooks
    secret-detection
    privacy

    Creator

    karim hammoumi

    Frequently Asked Questions

    Learn More About AI Agent Skills

    Similar Skills

    code-reviewer

    Reviews your code for bugs, security vulnerabilities, logic errors, performance issues, and style violations. Organizes findings by severity and suggests fixes with code examples.

    Free216 installs

    git-commit-writer

    Writes conventional commit messages by analyzing your staged git changes. Detects commit type, scope, and breaking changes automatically.

    Free105 installs

    env-doctor

    Diagnoses why your project will not start. Checks runtime versions, dependencies, environment variables, databases, ports, and build artifacts systematically.

    Free56 installs
    prompt-engineer

    prompt-engineer

    Professional prompt engineering patterns for building robust, secure, and production-ready LLM applications.

    Free52 installs

    Free