Secret Leak Guard
Locally scan your repository for leaked API keys, tokens, and secrets before committing or publishing code.
- Prevent accidental exposure of API keys and credentials in public repos
- Audit local projects for hardcoded secrets before deployment
- Generate structured reports of sensitive data findings in JSON format
$15
· or 75 creditsSecure checkout via Stripe
Included in download
- Prevent accidental exposure of API keys and credentials in public repos
- Audit local projects for hardcoded secrets before deployment
- terminal automation included
- Ready for Claude Code
Sample input
Check my current directory for any leaked API keys or secrets before I commit these changes.
Sample output
Found 2 potential secrets:
- .env:7 | AWS_SECRET_KEY | [REDACTED_AKIA...]
- src/config.js:12 | Stripe API Key | [REDACTED_sk_test...] Total findings: 2. Please rotate these credentials before pushing.
Secret Leak Guard
Locally scan your repository for leaked API keys, tokens, and secrets before committing or publishing code.
$15
· or 75 creditsSecure checkout via Stripe
Included in download
- Prevent accidental exposure of API keys and credentials in public repos
- Audit local projects for hardcoded secrets before deployment
- terminal automation included
- Ready for Claude Code
- Instant install
Sample input
Check my current directory for any leaked API keys or secrets before I commit these changes.
Sample output
Found 2 potential secrets:
- .env:7 | AWS_SECRET_KEY | [REDACTED_AKIA...]
- src/config.js:12 | Stripe API Key | [REDACTED_sk_test...] Total findings: 2. Please rotate these credentials before pushing.
About This Skill
What it does
Secret Leak Guard provides a high-performance, local-first scanning layer to prevent credentials, API keys, and sensitive tokens from ever leaving your machine. It identifies high-entropy strings and known secret patterns within your codebase before they are pushed to remote repositories.
Why use this skill
Relying on generic LLM prompts for security is risky; they can miss subtle patterns or fail to prioritize leaked data correctly. This skill automates the detection process with precision, providing masked findings to ensure the AI agent itself doesn't inadvertently log the full secret. It is essential for maintaining compliance and preventing 0-day credential leaks.
Supported Environment
- Works across any local directory or Git repository
- Supports modern development environments like Cursor, Claude Code, and VS Code
- Optional JSON output for integration into CI/CD pipelines or custom developer workflows
- Zero network calls for scanning, ensuring complete data privacy
The Output
You receive a clean, actionable report of potential leaks, categorized by file and line number, with sensitive values safely masked for review.
Use Cases
- Prevent accidental exposure of API keys and credentials in public repos
- Audit local projects for hardcoded secrets before deployment
- Generate structured reports of sensitive data findings in JSON format
- Enforce security compliance during the local development lifecycle
Known Limitations
- May produce false positives on high-entropy non-secret strings.
- Local scan only; does not verify if secrets are active.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/secret-leak-guard -o /tmp/secret-leak-guard.zip && unzip -o /tmp/secret-leak-guard.zip -d ~/.claude/skills && rm /tmp/secret-leak-guard.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes
Claude Code, Cursor, VS Code, and other CLI-based agents.