Install
openclaw skills install @kingaiwork/secrets-scanner-remediatorScan codebase for hardcoded secrets, auto-rotate keys, and generate .gitignore rules. / 扫描代码库中的硬编码密钥,自动轮换密钥并生成.gitignore规则。
openclaw skills install @kingaiwork/secrets-scanner-remediatorScan codebase for hardcoded secrets, auto-rotate keys, and generate .gitignore rules. / 扫描代码库中的硬编码密钥,自动轮换密钥并生成.gitignore规则。
🦁 由 KingAI.Work 出品 — 智能进化|vip@kingai.work
• Scans entire codebase history for any hardcoded secrets or credentials / 深度扫描整个代码库历史,揪出所有硬编码的密钥与凭证,消除数据泄露隐患
• Auto-generates tailored .gitignore rules to prevent future secret leaks / 智能生成专属.gitignore规则,为后续开发筑起防泄漏屏障
• Detects over 100 secret patterns, including API keys and tokens / 支持检测100+种密钥模式,涵盖API密钥、令牌等常见敏感信息
• Replaces found secrets with placeholder values for safe commits / 自动将发现的密钥替换为占位符,确保提交安全无虞
• Pro-only: One-click key rotation with cloud provider APIs for AWS, GCP, Azure / 高级版限定:一键对接AWS、GCP、Azure等云服务商API,自动完成密钥轮换
• Pro-only: Custom rule engine for proprietary secret formats and compliance checks / 高级版专属:自定义规则引擎,适配企业专有密钥格式与合规审计需求
# Step 1 — check environment
which bash curl && echo "Ready"
# Step 2 — run the tool
secrets-scanner-remediator scan --repo ./my-project --output report.json Scans the entire repository for secrets and exports a detailed report. / 扫描整个仓库中的密钥,并导出详尽的检测报告。
# Step 3 — review output
echo "Done — check the generated output"
• A developer committed an AWS access key to a public repo; scan history, remove it, and auto-add to .gitignore / 开发者不慎将AWS访问密钥提交至公开仓库,扫描历史、移除密钥并自动加入.gitignore
• A team onboarding new members needs to ensure no leaked credentials in their legacy codebase / 新成员加入团队,需确保遗留代码库中不存在泄露的凭证信息
• Before a compliance audit, run a full scan across all repos to verify no sensitive data is exposed / 合规审计前,全面扫描所有代码库,确认无敏感数据暴露风险
| Capability | Free | Pro |
|---|---|---|
| Basics / 基础 | ✅ | ✅ |
| Automation / 自动化 | — | ✅ |
| AI / AI 功能 | — | ✅ |
| Support | Community | Priority |
Published by King AI — kingai.work