secret-scanning

Solid

Guide for configuring and managing GitHub secret scanning, push protection, custom patterns, and secret alert remediation. For pre-commit secret scanning in AI coding agents via the GitHub MCP Server, this skill references the Advanced Security plugin (`advanced-security@copilot-plugins`). Use this skill when enabling secret scanning, setting up push protection, defining custom patterns, triaging alerts, resolving blocked pushes, or when an agent needs to scan code for secrets before committing.

AI & Automation 34,158 stars 4179 forks Updated yesterday MIT

Quality Score: 93/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Secret Scanning

This skill provides procedural guidance for configuring GitHub secret scanning — detecting leaked credentials, preventing secret pushes, defining custom patterns, and managing alerts.

## When to Use This Skill

Use this skill when the request involves:

- Enabling or configuring secret scanning for a repository or organization
- Setting up push protection to block secrets before they reach the repository
- Defining custom secret patterns with regular expressions
- Resolving a blocked push from the command line
- Triaging, dismissing, or remediating secret scanning alerts
- Configuring delegated bypass for push protection
- Excluding directories from secret scanning via `secret_scanning.yml`
- Understanding alert types (user, partner, push protection)
- Enabling validity checks or extended metadata checks
- Scanning local code changes for secrets before committing (via MCP / AI coding agent) — see the **Pre-Commit Scanning via AI Coding Agents** section below for the recommended plugin

## How Secret Scanning Works

Secret scanning automatically detects exposed credentials across:

- Entire Git history on all branches
- Issue descriptions, comments, and titles (open and closed)
- Pull request titles, descriptions, and comments
- GitHub Discussions titles, descriptions, and comments
- Wikis and secret gists

### Availability

| Repository Type | Availability |
|---|---|
| Public repos | Automatic, free |
| Private/internal (org-owned) | Requires GitHub Secre...

Details

Author: github
Repository: github/awesome-copilot
Created: 11 months ago
Last Updated: yesterday
Language: Python
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

secret-detection-scanner

Detect secrets, credentials, and sensitive data in code and configurations. Scan git history for secrets, detect API keys, tokens, passwords, check environment files, monitor CI/CD logs for exposure, generate remediation steps, and track secret rotation status.

1,034 Updated today
a5c-ai
AI & Automation Solid

scanning-for-secrets

This skill helps you scan your codebase for exposed secrets and credentials. It uses pattern matching and entropy analysis to identify potential security vulnerabilities such as API keys, passwords, and private keys. Use this skill when you want to proactively identify and remediate exposed secrets before they are committed to version control or deployed to production. It is triggered by phrases like "scan for secrets", "check for exposed credentials", "find API keys", or "run secret scanner".

2,266 Updated today
jeremylongshore
AI & Automation Featured

implementing-secret-scanning-with-gitleaks

This skill covers implementing Gitleaks for detecting and preventing hardcoded secrets in git repositories. It addresses configuring pre-commit hooks, CI/CD pipeline integration, custom rule authoring for organization-specific secrets, baseline management for existing repositories, and remediation workflows for exposed credentials.

12,642 Updated today
mukul975
Code & Development Listed

secrets-scanner

Detect and remediate leaked credentials in code and git-history — entropy/regex scanning with gitleaks/trufflehog/detect-secrets, rotate-first incident response, and pre-commit/CI gating to prevent reoccurrence.

4 Updated 1 week ago
roodlicht
Code & Development Listed

secret-scanner

Detect accidentally committed secrets, credentials, and sensitive information in code.

335 Updated today
aiskillstore