Summary
This is a proper secrets scanner that actually does multi-stage analysis instead of just regex matching. It uses an orchestrator pattern to spawn subagents that run a tool called Poltergeist against your codebase, then individually assess each candidate to cut down false positives. The findings get written to a structured directory under ~/.ghost with severity ratings and remediation guidance. It's built for when you need to audit a repo for leaked API keys, hardcoded passwords, or exposed .env values before they hit production. The agent architecture means it can parallelize analysis across candidates, which matters if you're scanning a large codebase. Outputs are organized by repo and commit hash, so you can track findings over time.
Install to Claude Code
npx -y skills add ghostsecurity/skills --skill ghost-scan-secrets --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →First SeenJun 11, 2026
