expanso-secrets-scan
Detect hardcoded secrets (API keys, tokens, passwords) in text or code.
Setup & Installation
Install command
clawhub install aronchick/expanso-secrets-scanIf the CLI is not installed:
Install command
npx clawhub@latest install aronchick/expanso-secrets-scanOr install with OpenClaw CLI:
Install command
openclaw skills install aronchick/expanso-secrets-scanor paste the repo link into your assistant's chat
Install command
https://github.com/openclaw/skills/tree/main/skills/aronchick/expanso-secrets-scanWhat This Skill Does
Scans text or code for hardcoded secrets such as API keys, tokens, and passwords. Runs locally via the Expanso Edge binary as a CLI pipeline or MCP server. Can also be deployed to Expanso Cloud for remote execution.
Runs the scan locally through a lightweight binary without sending code to a third-party SaaS service.
When to Use It
- Auditing a repository before making it public
- Checking a config file for accidentally included credentials
- Scanning a code snippet received from a colleague
- Reviewing environment files before committing to version control
- Verifying a script does not contain hardcoded tokens
Example Workflow
Here's how your AI assistant might use this skill in practice.
User asks: Auditing a repository before making it public
- 1Auditing a repository before making it public
- 2Checking a config file for accidentally included credentials
- 3Scanning a code snippet received from a colleague
- 4Reviewing environment files before committing to version control
- 5Verifying a script does not contain hardcoded tokens
Detect hardcoded secrets (API keys, tokens, passwords) in text or code.
Security Audits
These signals reflect official OpenClaw status values. A Suspicious status means the skill should be used with extra caution.