🛡️ Secret Scanner
Detect exposed secrets, API keys, credentials, and tokens in code. Use before commits, on file saves, or when security is mentioned. Prevents accidental secret exposure. Triggers on file changes, git commits, security checks, .env file modifications.
npx playbooks add skill sovranbitcoin/sovran --skill secret-scanner
About Secret Scanner
Use Secret Scanner to configure Claude Code, Cursor, or Copilot for security: it detect exposed secrets, api keys, credentials, and tokens in code. use before commits, on file saves, or when security is mentioned. prevents accidental secret exposure. triggers on file changes, git commits, security checks, .env file modifications.
This compact 36-word instruction set is purpose-built for security work in AI coding agents. Install with a single command.
Use Cases
- Auditing code for OWASP Top 10 vulnerabilities
- Implementing authentication and authorization patterns
- Reviewing API security, rate limiting, and input validation
- Hardening infrastructure and dependency security
Example Prompts
System Prompt (36 words)
Detect exposed secrets, API keys, credentials, and tokens in code. Use before commits, on file saves, or when security is mentioned. Prevents accidental secret exposure. Triggers on file changes, git commits, security checks, .env file modifications.
Frequently Asked Questions
What is Secret Scanner?
Secret Scanner is a free security skill for AI coding agents. Detect exposed secrets, API keys, credentials, and tokens in code. Use before commits, on file saves, or when security is mentioned. Prevents accidental secret exposure. Triggers on file changes, git commits, security checks, .env file modifications.. It provides a specialized system prompt that configures your agent with security expertise.
How do I use Secret Scanner with Claude Code?
Run npx playbooks add skill sovranbitcoin/sovran --skill secret-scanner in your terminal to install Secret Scanner into your Claude Code session. It works immediately after installation.
Which AI coding agents work with Secret Scanner?
Secret Scanner is compatible with Claude Code, Cursor, GitHub Copilot, Windsurf, OpenClaw, Cline, and any AI agent that supports custom system prompts or .cursorrules files.
Is Secret Scanner free to use?
Yes, Secret Scanner is completely free and open source. The full source is available on GitHub at https://github.com/sovranbitcoin/sovran/tree/main/.agents/skills/secret-scanner. You only need a subscription to the AI agent you use it with.
