secret-exposure-gate

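Checks a directory before release for secret keys, tokens, private URLs, certificate fragments, or credential files.; use for secrets, security, preflight workflows; do not use for displaying full key values, modifying user files.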

3,891 stars

Best use case

secret-exposure-gate is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Teams using secret-exposure-gate should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$ curl -o ~/.claude/skills/secret-exposure-gate/SKILL.md --create-dirs "https://raw.githubusercontent.com/openclaw/skills/main/skills/52yuanchangxing/secret-exposure-gate/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/secret-exposure-gate/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How secret-exposure-gate Compares

| Feature / Agent | secret-exposure-gate | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |

Frequently Asked Questions

What does this skill do?

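Checks a directory before release for secret keys, tokens, private URLs, certificate fragments, or credential files.; use for secrets, security, preflight workflows; do not use for displaying full key values, modifying user files.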

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

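# Secret Exposure Gate

## What you are
You are the standalone Skill "Secret Exposure Gate", responsible for checking, before release, whether a directory contains secret keys, tokens, private URLs, certificate fragments, or credential files.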

## Routing
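### When to use
- "Scan the directory for secrets for me before release"
- "Check for tokens and private URLs"
- Input usually includes: the path of the directory to be released
- Prioritized outputs: scan overview, suspected secrets, re-check recommendations

### When not to use
- Do not display full key values
- Do not modify user files
- If the user wants to directly perform writes, sends, deletions, publishing, or configuration changes against external systems, first make the boundaries explicit, then provide only review-ready content or a dry-run plan.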

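## Working rules
1. First restructure the information the user provides into a task brief, then output structured results.
2. When information is missing, explicitly list "items to confirm" rather than making things up.
3. By default, give a "reviewable draft" first, then an "executable checklist".
4. When high-risk, privacy, permission, or compliance issues arise, a boundary statement must be added.
5. If the runtime environment allows shell / exec, you may use:
   - `python3 "{baseDir}/scripts/run.py" --input <input file> --output <output file>`
6. If the current environment cannot run scripts, still produce the text output directly, following the structure of `{baseDir}/resources/template.md` and `{baseDir}/resources/spec.json`.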

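## Standard output structure
Organize results in the following structure where possible:
- Scan overview
- Suspected secrets
- High-risk files
- False-positive notes
- Remediation recommendations
- Re-check recommendations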

## Local resources
- Spec file: `{baseDir}/resources/spec.json`
- Output template: `{baseDir}/resources/template.md`
- Example inputs and outputs: `{baseDir}/examples/`
- Smoke test: `{baseDir}/tests/smoke-test.md`

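## Security boundaries
- Suitable as a pre-release gate.
- Read-only, auditable, and reversible by default.
- Does not execute high-risk commands, hide dependencies, or fabricate facts or results.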
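
An added example, not part of SKILL.md and not the skill's own `scripts/run.py`: a read-only preflight scan that fills the "scan overview", "suspected secrets" and "high-risk files" fields while only ever emitting redacted previews. The rule set, file-name list and sample tree are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Illustrative rules (assumed here, not taken from the skill's spec.json).
RULES = {
    "private-key-block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "assigned-secret": re.compile(
        r"(?i)\b(?:api[_-]?key|secret|token|passw(?:or)?d)\b\s*[:=]\s*['\"]?([^\s'\"]{8,})"),
    "url-with-credentials": re.compile(r"[a-z][a-z0-9+.-]*://[^\s/:@]+:([^\s/@]+)@"),
}
CREDENTIAL_FILENAME = re.compile(r"(^\.env|^\.npmrc|^id_rsa|\.(pem|key|p12|pfx))$")

def redact(value):
    """Show a short prefix and the length only, never the full value."""
    return value[:min(4, len(value) // 4)] + "****" + f"(len={len(value)})"

def scan(root):
    """Read-only walk of root; findings carry redacted previews only."""
    findings, risky, scanned = [], [], 0
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        if CREDENTIAL_FILENAME.search(path.name):
            risky.append(rel)  # flagged by name, whatever the content
        try:
            lines = path.read_text(encoding="utf-8", errors="replace").splitlines()
        except OSError:
            continue  # unreadable: skip it, never chmod or rewrite
        scanned += 1
        for lineno, line in enumerate(lines, 1):
            for rule, pattern in RULES.items():
                if m := pattern.search(line):
                    findings.append({"file": rel, "line": lineno, "rule": rule,
                                     "preview": redact(m.group(m.lastindex or 0))})
    return {"files_scanned": scanned, "findings": findings, "high_risk_files": risky}

def demo():
    """Scan a constructed sample tree; every value below is fabricated."""
    samples = {"config.py": 'API_KEY = "zz-constructed-0123456789"\n',
               ".env": "DB_URL=postgres://app:constructedpw@db.internal.example/app\n",
               "deploy/server.pem": "-----BEGIN RSA PRIVATE KEY-----\n(constructed)\n",
               "README.md": "Set your token in the environment.\n"}
    with tempfile.TemporaryDirectory() as root:
        for rel, text in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(text, encoding="utf-8")
        return scan(root)
```

The README line mentions a token without assigning one, so it produces no finding; that is the kind of case the "false-positive notes" field is meant to record when a rule does fire on harmless text.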

Related Skills

devtools-secrets

3891
from openclaw/skills

Knowledge and guardrails for the mise + fnox + infisical secrets toolchain. Use when the user asks to "configure secrets", "set up fnox", "infisical", "mise env", "secrets management", "environment variables for secrets", or mentions secret injection, secret providers, or env var hygiene.

gate-audit

3891
from openclaw/skills

Use this skill when the user provides AF2, ESMFold, AF3, Boltz-1, SASA, or MD results and needs a Gate 1-4 audit with a Go/Hold/Kill decision.

secret-portal

3891
from openclaw/skills

Spin up a one-time web UI for securely entering secret keys and env vars. Supports guided instructions, single-key mode, and cloudflared tunneling.

Authensor Gateway

3891
from openclaw/skills

Fail-safe policy gate for OpenClaw marketplace skills. Intercepts tool calls before execution and checks them against your Authensor policy. Low-risk actions run automatically. High-risk actions require your approval. Dangerous actions are blocked. Only action metadata is sent to the control plane — never your files, API keys, or conversation content.

gate-mcp-installer

3891
from openclaw/skills

One-click installer and configurator for Gate MCP (mcporter) in OpenClaw. Use when the user wants to (1) Install mcporter CLI tool, (2) Configure Gate MCP server connection, (3) Verify Gate MCP setup, or (4) Troubleshoot Gate MCP connectivity issues.

investigate

3891
from openclaw/skills

Systematic debugging with root cause investigation. Four phases: investigate, analyze, hypothesize, implement. Iron Law: no fixes without root cause. Use when: "debug this", "fix this bug", "why is this broken", "investigate this error", "root cause analysis".

secrets-scan

3891
from openclaw/skills

Detect hardcoded secrets (API keys, tokens, passwords) in text or code

secretclaw

3891
from openclaw/skills

Securely input API keys and sensitive values into OpenClaw without typing them in chat. Uses a local HTTP server + Cloudflare Tunnel to serve an HTTPS form. Use when registering API keys, tokens, passwords, or any sensitive config values.

Private Secrets Skill

3891
from openclaw/skills

Securely store and manage your private information (such as API keys, passwords, tokens, etc.).

azure-storage-exposure-auditor

3891
from openclaw/skills

Identify publicly accessible Azure Storage accounts and misconfigured blob containers

aws-secrets-scanner

3891
from openclaw/skills

Detect hardcoded secrets, exposed API keys, and credential misconfigurations in IaC and config files

aws-s3-exposure-auditor

3891
from openclaw/skills

Identify publicly accessible S3 buckets, dangerous ACLs, and misconfigured bucket policies