implementing-secret-scanning-with-gitleaks

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of Gitleaks binaries from its official GitHub repository.
      ◦ Evidence: Documentation in SKILL.md, references/api-reference.md, and assets/template.md provides instructions and scripts for fetching releases from https://github.com/gitleaks/gitleaks/releases/.
  • [COMMAND_EXECUTION]: Automation scripts wrap the Gitleaks CLI using Python's subprocess.run with list-based arguments, effectively mitigating shell injection risks.
      ◦ Evidence: Both scripts/agent.py and scripts/process.py construct command lists for execution, ensuring that user-provided inputs such as repository paths or commit ranges are passed as individual arguments rather than shell-evaluated strings.
  • [SAFE]: The skill incorporates robust security practices for handling sensitive data and remediation.
      ◦ Evidence: The implementation includes dedicated logic for redacting secrets in generated reports (the redact_secret function in scripts/process.py) and aligns with standards such as NIST SP 800-218 for secure software development.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 07:13 PM