Downloads: 95
Stars: 0
Active Installs: 1
Versions: 1
Install in OpenClaw
/install smart-secrets-scanner
Description
Intelligent secrets detection and prevention — scan code, configs, and git history for exposed API keys, passwords, tokens, and credentials
Capability Analysis
Type: OpenClaw Skill
Name: smart-secrets-scanner
Version: 1.0.0
The skill bundle describes a 'smart-secrets-scanner' designed to locate highly sensitive information, including AWS keys, database credentials, and private keys, across the filesystem and git history. While the documentation in SKILL.md outlines a legitimate security use case, the tool's core functionality involves high-risk data access. Since the actual implementation logic (scanner.js) is missing from the provided files, it is impossible to verify if the detected secrets are handled locally or exfiltrated to an external endpoint.
Capability Assessment
Purpose & Capability
The skill claims to be a Node-based scanner (commands like `node scanner.js scan ...`) but the skill bundle contains no code files, no scanner.js, and no install spec. It also does not declare Node (or any runtime) as a required binary. This is an internal inconsistency: either the skill should include the scanner implementation or declare how to obtain/install it.
Instruction Scope
The runtime instructions stay within the stated scope (scanning files and git history, installing a pre-commit hook, and redacting secrets). However, they include actions that modify the repository (hook install, redact) — which is appropriate for a secrets tool but demands caution. The instructions do not describe safeguards, dry-run modes, or where findings are transmitted (no external endpoint declared).
Install Mechanism
There is no install spec — this is instruction-only. That is low-risk by itself, but the instructions assume a local scanner implementation and Node runtime. Without an included binary or a trusted install URL, there's no provenance for the code the instructions ask you to run. The lack of a homepage or source repository increases the risk.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install smart-secrets-scanner
- After installation, invoke the skill by name or use /smart-secrets-scanner
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of smart-secrets-scanner.
- Scans source code, config files, and git history for exposed API keys, passwords, tokens, and credentials.
- Supports multiple detection patterns including cloud keys, API tokens, database URIs, private keys, and more.
- Offers auto-remediation suggestions and the option to redact secrets.
- Can be run as a pre-commit hook or integrated into CI/CD pipelines for leak prevention.
Frequently Asked Questions
What is Smart Secrets Scanner?
Intelligent secrets detection and prevention — scan code, configs, and git history for exposed API keys, passwords, tokens, and credentials. It is an AI Agent Skill for Claude Code / OpenClaw, with 95 downloads so far.
How do I install Smart Secrets Scanner?
Run "/install smart-secrets-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Smart Secrets Scanner free?
Yes, Smart Secrets Scanner is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Smart Secrets Scanner support?
Smart Secrets Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Smart Secrets Scanner?
It is built and maintained by SKY-lv (@sky-lv); the current version is v1.0.0.