Summary
Runs a regex-based scan across your workspace to catch exposed API keys, database credentials, and private keys before file-reading skills get access. It checks .env files, config JSONs, docker-compose, and common secret patterns like AWS keys, OpenAI tokens, and SSH keys, then reports findings with masked values and specific cleanup steps. The real value is the triage: it differentiates between committed secrets (critical) and local-only files (warnings), and escalates everything if you're about to run a skill with network access. Skips node_modules and test fixtures, won't scan your home directory without consent. Think of it as a preflight check that prevents the "oh no, did that skill just see my .env" moment.
Install to Claude Code
npx -y skills add useai-pro/openclaw-skills-security --skill credential-scanner --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
