endor-secrets

Scan for exposed secrets, credentials, API keys, and sensitive data in your codebase. Use when the user says "find secrets", "scan for API keys", "exposed credentials", "endor secrets", "check for hardcoded passwords", pre-commit / staged-only secret checks, or suspects leaked tokens in code. Detects AWS keys, GitHub tokens, Stripe keys, private keys, and more. Do NOT use for code vulnerability scanning (/endor-sast) or dependency checks (/endor-sca).

Quality

88%

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

Securityby

Advisory

Suggest reviewing before use

Loading evals

Repository: endorlabs/skills-ideas
Commit: 344e7ff

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.