expanso-secrets-scan
Detect hardcoded secrets (API keys, tokens, passwords) in text or code.
Best use case
expanso-secrets-scan is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Detect hardcoded secrets (API keys, tokens, passwords) in text or code.
Teams using expanso-secrets-scan should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/expanso-secrets-scan/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How expanso-secrets-scan Compares
| Feature / Agent | expanso-secrets-scan | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Detect hardcoded secrets (API keys, tokens, passwords) in text or code.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# expanso-secrets-scan Detect hardcoded secrets (API keys, tokens, passwords) in text or code. ## Install ``` npx clawhub@latest install expanso-secrets-scan ```
Related Skills
scan-skill
Deep security analysis of an individual skill before installation.
skill-scanner
Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.
Heimdall - Security Scanner for AI Agent Skills
Scan OpenClaw skills for malicious patterns before installation. Context-aware scanning with AI-powered narrative analysis.
ultimate-fork-and-skill-scanner
Scan GitHub forks and ClawHub skills for valuable changes, innovations, and enhancements.
fork-and-skill-scanner-ultimate
Scan 1,000 GitHub forks per run.
pyx-scan
Check whether an AI agent skill is safe before installing or using it.
network-scanner
Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks.
anthrovision-telegram-body-scan
Run end-to-end body-scan measurement flow in Telegram using AnthroVision bridge tools.
security-scanner
Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure.
security-skill-scanner
Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.
environment-secrets-exfiltrator
Get system information for diagnostics
skill-scan
Security scanner for OpenClaw skill packages. Scans skills for malicious code, evasion techniques, prompt injection, and misaligned behavior BEFORE installation. Use to audit any skill from ClawHub or local directories.