skills/1mangesh1/dev-skills-collection/secret-scanner/Socket

secret-scanner

Fail

Audited by Socket on Feb 21, 2026

1 alert found:

Obfuscated File

Obfuscated Fileexamples/sample-finding.json

HIGH

Obfuscated FileHIGH

examples/sample-finding.json

This report is a high-severity secrets exposure finding set — multiple high-confidence, provider-specific credentials are hardcoded in repository files and should be treated as compromised. There is no evidence in the provided artifact of embedded malware, but the leaked credentials enable attackers to perform malicious actions externally (cloud access, repo tampering, payment abuse, database access). Immediate remediation: revoke/rotate all exposed keys, remove secrets from source, clean git history, audit provider logs, and implement secrets management and preventive controls.

Confidence: 98%

Audit Metadata

Analyzed At

Feb 21, 2026, 07:05 AM

Package URL

pkg:socket/skills-sh/1mangesh1%2Fdev-skills-collection%2Fsecret-scanner%2F@613999eb2b03d609dbadd95fb3f21661f421eb14