Git Leak Recovery

Overview

This skill guides the process of recovering sensitive data (secrets, credentials, API keys) that have been removed from Git history through history-rewriting operations, extracting the data, and then securely cleaning the repository to ensure complete removal.

Key Concepts

Git Object Persistence

When commits are "removed" via operations like git reset, git rebase, or git commit --amend, the underlying Git objects are not immediately deleted. They become "unreachable" but persist in the repository until garbage collection occurs. This behavior enables recovery but also means secrets remain accessible until explicit cleanup.

Common Hiding Places for Secrets

When searching for removed secrets, check these locations in order of likelihood: