secrets
Installation
SKILL.md
Secrets Detection (SEC)
Analyze source code, configuration files, and git history for hardcoded credentials, API keys, tokens, private keys, and other sensitive material that should never appear in version control. Secrets in code are among the most immediately exploitable vulnerabilities -- a single leaked API key can lead to full account compromise within minutes.
Supported Flags
Read ../../shared/schemas/flags.md for the full flag specification. This skill
supports all cross-cutting flags. Key behaviors:
| Flag | Secrets-Specific Behavior |
|---|---|
--scope |
Default changed. Secrets analysis scans all file types including config, YAML, JSON, .env, scripts, and source code. |
--depth quick |
Scanners only (gitleaks/trufflehog), no manual pattern analysis. |
--depth standard |
Full file read of scoped files + Grep heuristics for patterns scanners miss. |
--depth deep |
Standard + scan git history for previously committed and removed secrets. |
Related skills