gitleaks
Installation
SKILL.md
Gitleaks Secret Detection
When to Use Gitleaks
Ideal scenarios:
- Scanning for hardcoded secrets in source code
- Auditing git history for leaked credentials
- Pre-commit hooks to prevent secret commits
- CI/CD pipeline secret detection
- Finding API keys, passwords, tokens, private keys
- Compliance requirements for credential management
Complements other tools:
- Use before manual code review to catch obvious secrets
- Combine with SARIF Issue Reporter for detailed analysis
- Use alongside Application Inspector for comprehensive security audit