← 返回
未分类

Skylv Secret Detector

Scans code for leaked secrets, API keys, tokens, and passwords. Triggers: scan secrets, check api key, security scan, leaked token.
sky-lv
未分类 clawhub v1.0.0 100000 Key: 无需
★ 0
Stars
📥 296
下载
💾 1
安装

概述

Secrets Scanner

Overview

Scans repositories for accidentally committed secrets and API keys.

When to Use

  • User asks to "scan for secrets" or "security audit"
  • Pre-commit or pre-push security check

Patterns to Detect

AWS Key: AKIA[0-9A-Z]{16}

GitHub Token: ghp_[a-zA-Z0-9]{36}

Generic API Key: api[_-]?key.*[a-zA-Z0-9]{20,}

Private Key: -----BEGIN (RSA|DSA|EC) PRIVATE KEY-----

Password in URL: ://[^@]+:.*@

Slack Token: xox[baprs]-[0-9]{10,13}-[0-9]{10,13}

Commands

Windows:

Select-String -Path . -Include .js,.py -Recurse -Pattern "ghp_[a-zA-Z0-9]{36}"

Linux/macOS:

grep -rE "ghp_[a-zA-Z0-9]{36}|AKIA[0-9A-Z]{16}" --include=".js" --include=".py" .

Prevention

Add to .gitignore:

.env

*.key

credentials.*

secrets.*

*.pem

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-08 02:39 安全 安全

安全检测

暂无安全检测报告