v0.2.11 - Secret audit skill
Adds the audit-only secret-audit skill and published CLI support.
Install:
npm install -g coding-agent-skills
New command:
coding-agent-skills secret-audit /path/to/project
Existing supported commands:
coding-agent-skills validate-pack
coding-agent-skills validate-project /path/to/project
coding-agent-skills repo-map /path/to/project
coding-agent-skills route-trace /path/to/project
coding-agent-skills env-audit /path/to/project
coding-agent-skills validate-adapters /path/to/adapter-root
Highlights:
- Redacted static secret exposure detection by path, type, and count
- Adapter-aware scope handling with fail-closed skips when not enabled
- No matched value printing
- No .env or secret-file reads
- No credential validation, rotation, API calls, builds, tests, deployments, migrations, or project writes
- Node.js 20+
- No runtime dependencies
npm package: coding-agent-skills@0.2.11