Secret Detector

v1.0.0

Scans code for leaked secrets, API keys, tokens, and passwords. Triggers: scan secrets, check api key, security scan, leaked token.

0· 31· 1 versions· 1 current· 1 all-time· Updated 6h ago· MIT-0

by@sky-lv·duplicate of @sky-lv/skylv-secrets-scanner

Secrets Scanner

Overview

Scans repositories for accidentally committed secrets and API keys.

When to Use

User asks to "scan for secrets" or "security audit"
Pre-commit or pre-push security check

Patterns to Detect

AWS Key: AKIA[0-9A-Z]{16} GitHub Token: ghp_[a-zA-Z0-9]{36} Generic API Key: api[_-]?key.[a-zA-Z0-9]{20,} Private Key: -----BEGIN (RSA|DSA|EC) PRIVATE KEY----- Password in URL: ://[^@]+:.@ Slack Token: xox[baprs]-[0-9]{10,13}-[0-9]{10,13}

Commands

Windows: Select-String -Path . -Include .js,.py -Recurse -Pattern "ghp_[a-zA-Z0-9]{36}"

Linux/macOS: grep -rE "ghp_[a-zA-Z0-9]{36}|AKIA[0-9A-Z]{16}" --include=".js" --include=".py" .

Prevention

Add to .gitignore: .env .key credentials. secrets.* *.pem

Version tags

latestvk974z5zsq0xfmeh7qm9c31mx8s85ven7