Secret Scanner Pack
★Trustedv1.0.0MIT✔Verified88by AgentNode · published 22 days ago · toolpack
Detect hardcoded secrets, API keys, and credentials in code.
Scan codebases for accidentally committed secrets, API keys, passwords, tokens, and private keys. Uses pattern matching and entropy analysis.
Quick Start
agentnode install secret-scanner-packUsage
From packagefrom secret_scanner_pack.tool import run
result = run(
action="scan_secrets",
path="/workspace/my-project",
recursive=True,
exclude_patterns=["*.test.js", "node_modules/**", "__pycache__/**"]
)
print(f"Files scanned: {result['files_scanned']}")
print(f"Secrets found: {result['total_findings']}")
print(f"Severity breakdown: {result['severity_counts']}")
for finding in result["findings"]:
print(f"\n[{finding['severity'].upper()}] {finding['type']}")
print(f" File: {finding['file']}:{finding['line']}")
print(f" Match: {finding['redacted_match']}")
print(f" Rule: {finding['rule_id']}")Verification
Package installs and imports correctly. runtime checks passed.
This package was executed and validated by AgentNode before listing. Install, import, and runtime checks passed.
Last verified 18d ago· Runner v2.0.0
Use this when you need to...
- ›Scan a codebase for accidentally committed AWS access keys
- ›Detect hardcoded database connection strings in configuration files
- ›Audit pull request diffs for leaked API tokens before merging
- ›Find private SSH keys and certificates checked into repositories
- ›Generate a compliance report of all detected credential exposures
README
Secret Scanner Pack
Detect hardcoded secrets, API keys, and credentials in code. Scan directories or git diffs for accidentally committed sensitive data before it reaches production.
Quick Start
agentnode install secret-scanner-pack
from secret_scanner_pack.tool import run
result = run(action="scan_secrets", path="/workspace/my-project")
print(f"Secrets found: {result['total_findings']}")
Usage
Scan a Directory
result = run(
action="scan_secrets",
path="/workspace/my-project",
recursive=True,
exclude_patterns=["node_modules/**", "*.min.js"]
)
for f in result["findings"]:
print(f"[{f['severity']}] {f['type']} in {f['file']}:{f['line']}")
Pre-Commit Git Diff Scan
result = run(
action="scan_secrets",
path="/workspace/my-project",
mode="git_diff",
git_ref="HEAD"
)
if result["total_findings"] > 0:
print("Commit blocked: secrets detected")
Custom Rule Patterns
result = run(
action="scan_secrets",
path="/workspace/my-project",
custom_rules=[
{"id": "internal-token", "pattern": r"INTERNAL_[A-Z0-9]{32}", "severity": "high"}
]
)
API Reference
| Capability | Description |
|---|---|
scan_secrets | Detect API keys, tokens, passwords, and credentials in source code files |
Detects: AWS keys, GitHub tokens, Slack tokens, private keys, database URIs, JWTs, and 50+ other patterns.
Requirements
No API keys required. All scanning runs locally.
License
MIT
Version History
Capabilities
Permissions
This package declares the following access levels. Review before installing.
agentnode install secret-scanner-packFiles (3)
License
MITStats
Compatibility
Frameworks
Runtime
pythonPython Version
>=3.10Trust & Security
Publisher
AgentNode
@agentnode