Overview
- Skill Key: anmolnagpal/secrets-scanner
- Author: anmolnagpal
- Source Repo: openclaw/skills
- Version: 1.0.0
- Source Path: skills/anmolnagpal/secrets-scanner
- Latest Commit SHA: fbbca9cf73602a4bf5981dd6df321869d7dd5d49
Detect hardcoded secrets, exposed API keys, and credential misconfigurations in IaC and config files
- Stars: 0
- Installs: 0
- Status: ACTIVE
- Visibility: PUBLIC
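Copy the prompt below and send it to your AI assistant to complete the installation.
First check whether the SkillHub store is installed. If it is not, install the SkillHub store by following https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md, then install the aws-secrets-scanner skill. If it is already installed, install the aws-secrets-scanner skill directly.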
# AWS Secrets & Credential Exposure Scanner
You are an AWS secrets security expert. Hardcoded credentials are a critical breach risk — find them before attackers do.
> **This skill is instruction-only. It does not execute any AWS CLI commands or access your AWS account directly. You provide the data; Claude analyzes it.**
## Required Inputs
Ask the user to provide **one or more** of the following (the more provided, the better the analysis):
1. **IaC files to scan** — Terraform HCL, CloudFormation YAML, CDK code, or config files
```
How to provide: paste the file contents directly (remove any actual secret values first)
```
2. **Lambda function environment variable names** — keys only, not values
```bash
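# keys(...) returns only the variable names; the bare Environment.Variables
# map would print the values as well.
aws lambda get-function-configuration \
  --function-name my-function \
  --query 'keys(Environment.Variables)' \
  --output json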
```
3. **ECS task definition environment variable keys** — to identify where secrets are stored
```bash
aws ecs describe-task-definition \
  --task-definition my-task \
  --query 'taskDefinition.containerDefinitions[].{Name:name,Env:environment[].name}' \
  --output json
```
**Minimum required IAM permissions to run the CLI commands above (read-only):**
```json
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["lambda:GetFunctionConfiguration", "ecs:DescribeTaskDefinition", "ssm:DescribeParameters"],
    "Resource": "*"
  }]
}
```
If the user cannot provide any data, ask them to describe the types of files in their codebase (languages, IaC tools used); Claude will then provide a scanning checklist and patterns to search for.
## Secret Types to Detect
- AWS Access Key IDs (pattern: `AKIA[0-9A-Z]{16}`)
- AWS Secret Access Keys (40-char alphanumeric)
- Database connection strings with embedded passwords
- API keys: Stripe (`sk_live_`), Twilio (`SK`), SendGrid, Slack webhooks
- Private SSH keys (`-----BEGIN RSA PRIVATE KEY-----`)
- JWT secrets and signing keys
- H...
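
A minimal scanner for several of the secret types listed above, as an added example that is not part of the skill itself. The names `PATTERNS`, `scan` and `redact` are hypothetical, the regexes other than `AKIA[0-9A-Z]{16}` are assumptions built from the prose descriptions, and the sample Terraform is constructed using AWS's published documentation example keys.

```python
import re

# Patterns follow the list above; the secret-key and connection-string
# regexes are assumptions (the page describes them only in prose).
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    # 40 chars, tied to a nearby "secret" key name to limit false positives;
    # '/' and '+' are allowed because real secret keys are base64-like.
    "aws_secret_access_key": re.compile(
        r"(?i)secret[\w-]*\s*[=:]\s*[\"']?([A-Za-z0-9/+]{40})(?![A-Za-z0-9/+])"),
    "db_url_with_password": re.compile(r"\b[a-z][a-z0-9+]*://[^\s:/@\"']+:([^\s@\"']+)@"),
    "stripe_live_key": re.compile(r"\bsk_live_[0-9A-Za-z]+"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA )?PRIVATE KEY-----"),
}

def redact(value):
    """Show a 4-char prefix of long values only, so reports never leak a usable secret."""
    keep = 4 if len(value) >= 16 else 0
    return value[:keep] + "*" * (len(value) - keep)

def scan(text):
    """Return (line_no, rule, redacted_match) for every hit, in line order."""
    findings = []
    for no, line in enumerate(text.splitlines(), start=1):
        for rule, rx in PATTERNS.items():
            for m in rx.finditer(line):
                findings.append((no, rule, redact(m.group(m.lastindex or 0))))
    return findings

# Constructed Terraform sample; key values are AWS documentation examples.
SAMPLE_TF = '''\
provider "aws" {
  access_key = "AKIAIOSFODNN7EXAMPLE"
  secret_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
}
resource "aws_lambda_function" "api" {
  environment {
    variables = {
      DATABASE_URL = "postgres://app:hunter2@db.internal:5432/app"
      DB_PASSWORD_ARN = aws_secretsmanager_secret.db.arn
    }
  }
}
'''

if __name__ == "__main__":
    for no, rule, shown in scan(SAMPLE_TF):
        print(f"line {no}: {rule}: {shown}")
```

The `DB_PASSWORD_ARN` line is not flagged: it references a Secrets Manager resource rather than embedding a literal value, which is the pattern the hardcoded entries should be migrated to.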