{"slug":"deepfence-secretscanner","name":"SecretScanner","description":":unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:","tagline":":unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:","category":"devops","tags":["kubernetes","devops","containers","devsecops","docker","hacktoberfest","infosectools","k8s","password","scanning-tool"],"author":{"name":"deepfence","verified":true,"url":"https://github.com/deepfence"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"deepfence/SecretScanner","creatorName":"deepfence","creatorUrl":"https://github.com/deepfence","sourceUrl":"https://github.com/deepfence/SecretScanner","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/deepfence-secretscanner#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":3362,"forks":347,"downloads":0,"rating":0,"review_count":0,"quality_score":59.39},"quality":{"score":97,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"3.4K","tone":"positive"},{"label":"Freshness","value":"3mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v3","score":89,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"3.4K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":83,"weight":0.08,"status":"pass","detail":"3.4K stars, 347 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":76,"weight":0.14,"status":"info","detail":"3mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":80,"weight":0.12,"status":"info","detail":"external package install surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add deepfence/SecretScanner"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":60,"weight":0.07,"status":"warn","detail":"secrets or environment access, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/deepfence/SecretScanner"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"3.4K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"3.4K stars, 347 forks; issue activity unavailable in current metadata"},{"status":"info","label":"Recent maintenance","detail":"3mo since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"external package install surface"},{"status":"pass","label":"Install availability","detail":"npx skills add deepfence/SecretScanner"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"warn","label":"Permission surface","detail":"secrets or environment access, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/deepfence/SecretScanner"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"],"evidence":{"stars":"3.4K GitHub stars","repoActivity":"3.4K stars, 347 forks","lastPushed":"3mo since push","license":"MIT","repository":"https://github.com/deepfence/SecretScanner","install":"npx skills add deepfence/SecretScanner","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, filesystem or document access","documentation":"Strong README/SKILL.md context"},"installReadiness":{"ready":true,"command":"npx skills add deepfence/SecretScanner","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","3mo since push"]},"agentCompatibility":["Go","Kubernetes","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]}},"safety":{"score":73,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","73/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["Permission surface may require sandboxing"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","73/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"workflow-automation","title":"Workflow automation"},{"slug":"security-compliance","title":"Security and compliance"},{"slug":"coding-agents","title":"Coding agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add deepfence/SecretScanner","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":3362,"starsLabel":"3.4K","forks":347,"license":"MIT","qualityScore":97,"trustScore":89,"auditScore":89},"maintenance":{"status":"active","label":"3mo since push","daysSincePush":102,"lastPushedAt":"2026-03-07T16:56:58+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"coverageTags":["Coding","Coding agents","devops","kubernetes","containers","devsecops","docker","hacktoberfest"]},"audit":{"audit_score":89,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Workflow automation","role":"Primary pick","primary_fit":"Workflow automation","best_for":["Workflow automation workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Workflow automation task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"platforms":["Go","Kubernetes","Claude Code"],"use_cases":[{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"security-compliance","title":"Security and compliance","url":"https://www.openagentskill.com/use-cases/security-compliance"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"}],"install":"npx skills add deepfence/SecretScanner","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add deepfence/SecretScanner","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"SecretScanner\" agent skill from https://github.com/deepfence/SecretScanner. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"SecretScanner\" as a Claude Code skill from https://github.com/deepfence/SecretScanner. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"SecretScanner\" from https://github.com/deepfence/SecretScanner into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/deepfence/SecretScanner","github_repo":"deepfence/SecretScanner","version":"1.0.0","license":"MIT","updated_at":"2026-06-16T09:17:04.841976+00:00","canonical_key":"deepfence/secretscanner","recommendation_reasons":["Useful GitHub adoption: 3,362 stars","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/deepfence-secretscanner","api":"https://www.openagentskill.com/api/agent/skills/deepfence-secretscanner","install_api":"https://www.openagentskill.com/api/skills/deepfence-secretscanner/install","audit":"https://www.openagentskill.com/skills/deepfence-secretscanner/audit","repository":"https://github.com/deepfence/SecretScanner"},"meta":{"endpoint":"/api/registry/manifest/{slug}","canonical_agent_endpoint":"/api/agent/skills/deepfence-secretscanner","agent_friendly":true,"api_version":"1.0","generated_at":"2026-06-17T17:15:14.092Z"}}