Skip to content

v0.2.11 - Secret audit skill

Choose a tag to compare

@OneClickPostFactory OneClickPostFactory released this 03 Jul 11:14

Adds the audit-only secret-audit skill and published CLI support.

Install:

npm install -g coding-agent-skills

New command:

coding-agent-skills secret-audit /path/to/project

Existing supported commands:

coding-agent-skills validate-pack
coding-agent-skills validate-project /path/to/project
coding-agent-skills repo-map /path/to/project
coding-agent-skills route-trace /path/to/project
coding-agent-skills env-audit /path/to/project
coding-agent-skills validate-adapters /path/to/adapter-root

Highlights:

  • Redacted static secret exposure detection by path, type, and count
  • Adapter-aware scope handling with fail-closed skips when not enabled
  • No matched value printing
  • No .env or secret-file reads
  • No credential validation, rotation, API calls, builds, tests, deployments, migrations, or project writes
  • Node.js 20+
  • No runtime dependencies

npm package: coding-agent-skills@0.2.11