secret-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a library of regular expression patterns for detecting sensitive tokens across various platforms including AWS, GitHub, Stripe, OpenAI, and database connection strings. All examples provided in the documentation use well-known documentation placeholders or regex definitions rather than actual secrets.
- [SAFE]: The execution patterns identified involve standard usage of
ripgrep(rg) for local file searching and Python scripts for calculating Shannon entropy. These operations do not perform network requests or unauthorized data exfiltration. - [SAFE]: External repository references for Gitleaks and TruffleHog are provided as examples for pre-commit hook integration. These are standard, well-recognized security tools used for preventing secret leakage.
- [SAFE]: No obfuscation, persistence mechanisms, or privilege escalation attempts were found in the provided code snippets or markdown content.
Audit Metadata