GitHub

run_secret_scanning

Scan files, content, or recent changes for secrets such as API keys, passwords, tokens, and credentials. This tool is intended for targeted scans of specific files, snippets, or diffs provided directly as content. It accepts file contents or diffs and returns detected secrets with their locations and related secret scanning metadata. Content must not be empty. For full repository scanning, other mechanisms are available. Caveats: - Only files within the codebase should be scanned. Files outside of the codebase should not be sent. - Files listed in .gitignore should be skipped.

Remote github

Other tools also called run_secret_scanning? See providers with this name

Input Schema


            {
  "type": "object",
  "properties": {
    "repo": {
      "type": "string",
      "description": "Repository name"
    },
    "files": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "maxItems": 100,
      "minItems": 1,
      "description": "Array of file contents, snippets, or diff hunks to scan for secrets. These must be raw contents, not repository file paths."
    },
    "owner": {
      "type": "string",
      "description": "Repository owner"
    }
  }
}

Provider

GitHub →