find-credential-usage
Find Credential Usage
Input Parameters
| Parameter | Required | Description | Example |
|---|---|---|---|
credential_to_search |
Yes | The API key, token, password, or credential string to search for | sk-svcacct-2HXNWxbX0cap |
search_scope |
No | full (entire home directory), projects (Code/Herd only), or critical (.env and config files only) |
full |
Procedure
-
Ask for the credential to search if not provided
-
Search each location and collect results:
# Environment variables env | grep -i "{{SEARCH_TERM}}" # Shell profiles grep -r "{{SEARCH_TERM}}" ~/.zshrc ~/.bashrc ~/.bash_profile ~/.profile ~/.zprofile 2>/dev/null # Shell history history | grep -i "{{SEARCH_TERM}}" # .env files (home directory, 3 levels deep) cd ~ && find . -maxdepth 3 -type f -name "*.env*" -exec grep -l "{{SEARCH_TERM}}" {} \; 2>/dev/null # Project directories grep -r "{{SEARCH_TERM}}" ~/Code ~/Herd 2>/dev/null | head -50 # macOS Keychain security find-generic-password -w -s "{{SEARCH_TERM}}" 2>/dev/null || echo "Not found in Keychain" -
Compile results into a markdown report organized by location type (env vars, shell profiles, .env files, keychain, project files)
-
Display a summary with total instance count and file paths
Notes
- Search runs locally — credentials are not transmitted externally
- Results may include sensitive information; handle the generated report carefully
- Large searches may take several minutes
- Shell history is unsearchable if history logging is disabled
Example
find all instances where I have used this API key across my system
where is this token stored on my machine
audit where this API key appears in my files
check if this credential is exposed anywhere on my system
scan my projects and config files for this secret
More from dalehurley/phpbot
desktop-control
Control the mouse, keyboard, and read screen content via accessibility. Use this skill when the user asks to click somewhere on screen, type text into an app, move the mouse, press keyboard shortcuts, read what's on screen, get the accessibility tree of the current window, automate desktop interactions, or control the computer.
39summarize-unread-emails
Retrieve and summarize all unread emails from your inbox, organized by category, sender, and date. Use this skill when the user asks to summarize unread emails, get an overview of unread messages, organize inbox emails, or review pending email communications. Provides a structured summary with categorization and timeline analysis.
20open-application
Open or launch applications on your computer by name. Use this skill when the user asks to open, launch, or start an application like Mail, Finder, Safari, Chrome, or any other installed macOS application. Works with both built-in and third-party applications.
10homebrew
Install, manage, and search for software packages on macOS using Homebrew. Use this skill when the user asks to install software, apps, CLI tools, developer utilities, programming languages, databases, or any package on a Mac. Supports formulae (CLI tools) and casks (GUI apps). Can also search, update, upgrade, uninstall, and diagnose Homebrew issues.
10csv-tools
Parse, query, filter, sort, transform, and summarize CSV and JSON data files. Use this skill when the user asks to view a CSV, filter data, get statistics from a data file, convert CSV to JSON or vice versa, sort data, or analyze tabular data.
9get-weather-forecast
Retrieve current weather conditions and multi-day forecasts for any location using the wttr.in API. Use this skill when the user asks for weather information, weather forecast, current conditions, temperature, or weather updates for a specific city or location. Provides detailed weather data including temperature, wind, precipitation, and visibility.
8