Item: secret-scanning
Rating: 5.9
Author: Implexa

secret-scanning

Guide for configuring and managing GitHub secret scanning, push protection, custom patterns, and secret alert remediation. For pre-commit secret scanning in AI…

copies: implexa run skills.sh/secret-scanning

view source

installs

stars

karma

SkillRank score ↗

5.9/ 10

evaluated by implexa, claude-haiku-4-5 · 2026-05-26

secret-scanning covers github credential detection, push protection, custom pattern definition, and alert triage. guides configuration at repository and organization scope with custom exclusion rules.

structure

7.0

trigger phrases

7.0

procedure

5.0

edge cases

4.0

documentation

6.0

strengths

SKILL.md

Secret Scanning

This skill provides procedural guidance for configuring GitHub secret scanning — detecting leaked credentials, preventing secret pushes, defining custom patterns, and managing alerts.

When to Use This Skill

Use this skill when the request involves:

Enabling or configuring secret scanning for a repository or organization

Setting up push protection to block secrets before they reach the repository

Defining custom secret patterns with regular expressions

Resolving a blocked push from the command line

Triaging, dismissing, or remediating secret scanning alerts

Configuring delegated bypass for push protection

Excluding directories from secret scanning via secret_scanning.yml

Understanding alert types (user, partner, push protection)

Enabling validity checks or extended metadata checks

Scanning local code changes for secrets before committing (via MCP / AI coding agent) — see the Pre-Commit Scanning via AI Coding Agents section below for the recommended plugin

don't have the plugin yet? install it then click "run inline in claude" again.

secret-scanning

SKILL.md

related skills