simonw

Scan for secrets in files you plan to share

82
4
100% credibility
Found Apr 06, 2026 at 55 stars
Python
AI Summary

A tool for scanning folders and files to detect accidentally included secret strings like passwords or keys, including their encoded forms, before public sharing.

How It Works

1. 💡 Find the secret checker

You hear about a simple tool that helps spot hidden private info in your files before sharing them online.

2. 📦 Get the tool ready

You easily add the checker to your computer so it's there whenever you need it.

3. 🔑 Note your private codes

You list out the special private words or codes you want the tool to watch for, like service passwords.

4. 📁 Pick your files or folder

You choose the folder with your project notes, logs, or specific files to examine.

5. 🔍 Run the safety scan

You start the check, and it quickly searches every text file, even spotting cleverly disguised versions of your secrets.

6. 📋 Review the findings

The tool shows nothing if all clear, or lists exact files and spots where private info appears.

🛡️ Share with confidence

Once the scan comes back clean for the secrets you listed, you can post your files online without worrying that those values will leak.

AI-Generated Review

What is scan-for-secrets?

scan-for-secrets is a Python CLI tool that scans text files in directories or specific paths for hardcoded secrets like API keys before you share code, logs, or exports. Pass environment variables directly as arguments, pipe secrets in from files, or use a shell config for repeated checks. It detects literal matches plus escaped variants of each secret: JSON, URL, HTML-entity, backslash-doubled, and Unicode forms. As a library, it offers functions to scan directories or files, with streaming results for large repos.
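The escaped-variant matching described above, sketched as an added example; it is not scan-for-secrets' own code or API. The function names, the secret and the sample lines are constructed for illustration, and the encodings tried are the ones this review lists.

```python
import html
import json
from urllib.parse import quote

def variants(secret):
    """Map encoding name -> the form the secret takes under that encoding."""
    forms = {
        "literal": secret,
        "json": json.dumps(secret)[1:-1],          # \" \\ and \uXXXX escapes
        "url": quote(secret, safe=""),             # percent-encoding
        "html": html.escape(secret, quote=True),   # &amp; &lt; &quot; ...
        "backslash-doubled": secret.replace("\\", "\\\\"),
        "unicode-escaped": "".join(f"\\u{ord(c):04x}" for c in secret),
    }
    # Drop encodings that leave the secret unchanged, so one hit is reported once.
    seen, out = set(), {}
    for name, form in forms.items():
        if form not in seen:
            seen.add(form)
            out[name] = form
    return out

def scan_text(text, secrets):
    """Return sorted (line_number, label, encoding) hits; never echoes the secret."""
    hits = []
    lines = text.splitlines()
    for label, secret in secrets.items():
        if not secret:        # an empty string would match every line
            continue
        for enc, form in variants(secret).items():
            hits += [(n, label, enc) for n, line in enumerate(lines, 1) if form in line]
    return sorted(hits)

# Constructed secret and constructed log lines, for illustration only.
SECRET = r'k3y&v="a/b\c'
SAMPLE = "\n".join([
    r'INFO starting export',
    r'{"token": "k3y&v=\"a/b\\c"}',                # JSON-escaped
    r'GET /cb?t=k3y%26v%3D%22a%2Fb%5Cc HTTP/1.1',  # URL-encoded
    r'<input value="k3y&amp;v=&quot;a/b\c">',      # HTML entities
    r'INFO export finished',
    r'env K=k3y&v="a/b\c',                         # literal
])

if __name__ == "__main__":
    for n, label, enc in scan_text(SAMPLE, {"API_KEY": SECRET}):
        print(f"line {n}: {label} ({enc})")
```

A plain substring search for the literal value would flag only line 6 of the sample; the other three hits come from the encoded forms.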

Why is it gaining traction?

It beats basic string searches by catching the encoded forms of a secret that developers miss in logs or configs, making it a fast drop-in for secret-scanning steps in GitHub Actions or GitLab pipelines. Config files let you bundle checks for AWS keys, 1Password, or LLM tokens without retyping, and verbose mode lists hits clearly with file:line hints. Zero-install via uvx keeps friction low for one-off scans of a GitHub repo.

Who should use this?

DevOps engineers setting up pre-push hooks that scan Git repositories on Bitbucket or GitHub for secrets. AI tool users scrubbing agent logs for secrets before posting. Teams auditing Confluence pages, Jira exports, or GitHub Actions workflows for hardcoded secrets.

Verdict

Worth adding to your toolkit for routine secret-scanning checks on GitHub repos: a reliable CLI and API with solid docs and tests. With 48 stars and a 1.0% credibility score, it's immature but from a trusted creator; scale up once it sees more adoption.
