Secrets Scan
Skill VérifiéDetect API keys, passwords, tokens, and other secrets in code. Use when you need to find hardcoded credentials and sensitive data in source code.
This skill performs deep detection of hardcoded credentials, API keys, passwords, and other sensitive data within source code using a comprehensive set of patterns. It includes options for entropy analysis, checking git history, and specifying scan scopes, with detailed output reports and guidance on handling false positives and remediating found secrets.
Installation
npx skills add jwynia/agent-skillsExécute le CLI skills de Vercel (skills.sh) via npx — nécessite Node.js en local et au moins un agent compatible skills installé (Claude Code, Cursor, Codex, …). Suppose que le dépôt suit le format agentskills.io.
Extensions similaires
React Doctor
98Extension from millionco/react-doctor
Security Scan
95Scan code for security vulnerabilities including OWASP Top 10, secrets, and misconfigurations. Use when you need comprehensive security analysis of a codebase.
Shannon Skill
98Autonomous AI pentester for web apps and APIs. Run white-box security assessments with Shannon — analyzes source code, identifies attack vectors, and executes real exploits to prove vulnerabilities. Triggered by 'shannon', 'pentest', 'security audit', 'vuln scan'.
Dependency Scan
98Detect CVEs and security issues in project dependencies. Use when you need to analyze packages for known vulnerabilities across npm, pip, cargo, and other ecosystems.
1Password CLI
98使用 1Password CLI (op) 管理密码和 API credentials。保存、查询、读取 API key/token,注入环境变量到脚本。当用户提到保存密码、保存 API key、查询密码、1password、op CLI、secret 管理时使用此 skill。