Code
Secrets Detection
Secrets Detection searches code and version history for credentials that should never be stored there. It finds API keys, passwords, and tokens that have leaked.
What it is
Secrets are credentials that grant access to systems and services. When they end up in source code, they can be exposed to anyone who can read the repository. This module scans both current code and past git history to surface those leaks.
Key capabilities
- Finds API keys in code.
- Finds passwords in code.
- Finds tokens and other credentials.
- Scans git history, not just the latest commit.
- Highlights where each secret appears.
Who it’s for
It fits teams that want to keep credentials out of their repositories. It helps engineers catch accidental leaks before they spread. It suits any project tracked in git.