Loading...
Loading...
Found 5 Skills
Secret Scanner - Auto-activating skill for Security Fundamentals. Triggers on: secret scanner, secret scanner Part of the Security Fundamentals skill category.
Detect accidentally committed secrets, credentials, and sensitive information in code.
Detect exposed secrets, API keys, credentials, and tokens in code. Use before commits, on file saves, or when security is mentioned. Prevents accidental secret exposure. Triggers on file changes, git commits, security checks, .env file modifications.
Scans codebase for hardcoded secrets. Returns normalized findings with severity and remediation guidance. Pre-commit hook integration.
Validates .env files and environment variable configurations against project requirements. Checks for missing required variables, type mismatches, insecure defaults, unreferenced variables, and common configuration errors. Compares .env against .env.example, code references, and deployment manifests. Produces a structured validation report with severity-ranked findings. Triggers on: "validate env file", "check environment variables", "env file audit", "missing env vars", "env validation", "check .env", "environment config check", "validate configuration", "env file review", "dotenv validation". Use this skill when verifying environment configuration completeness and correctness before deployment or after onboarding. NOT for secret scanning (use repo-sentinel or secret-scanner). NOT for general config file editing (use filesystem skill).