From codebase-pilot
Scans the codebase for leaked secrets, API keys, passwords, and credentials. Best run before committing code or when reviewing security posture. 180 patterns across 15 categories.
Slash command
/codebase-pilot:scan-secrets
Security scan for leaked credentials across the entire codebase.
codebase-pilot scan-secrets
| Category | Examples |
|---|---|
| Cloud | AWS, GCP, Azure, DigitalOcean, Supabase |
| VCS / CI | GitHub, GitLab, Bitbucket, CircleCI |
| Payment | Stripe, Razorpay, Square, PayPal |
| AI LLMs | OpenAI, Anthropic, Groq, xAI |
| Database | MongoDB, PostgreSQL, Redis, Neon |
| Crypto | Ethereum, Solana, Bitcoin private keys |
| Generic | password=, secret=, Bearer tokens |

pack command auto-scans — files with secrets are excluded from output

pack are automatically excluded from AI context

http://localhost:7456/security

npx claudepluginhub kalpeshgamit/codebase-pilot --plugin codebase-pilot

Scans code, git history, and configs for secrets like API keys, cloud credentials, private keys, and DB strings using regex, entropy, and context. Assesses severity and generates remediation reports.
This skill should be used when the user asks to "find hardcoded secrets", "audit for credential leaks", "check for API keys in code", "review secret scanning alerts", "rotate a leaked secret", or needs to detect hardcoded credentials, review secret handling patterns, or remediate exposed secrets.
Scans codebase for hardcoded secrets, API keys, credentials, tokens, and sensitive data. Supports directories, --all for full repo, --staged for git changes. Reports severity, locations, remediation.