curl -L -o secret-leak-scanner.skill "https://aiskillstore.io/v1/agent/skills/471349fc-cfb2-4f59-9dbc-e57bf53ca841/download?platform=ClaudeCode"
{
"tool": "download_skill",
"arguments": {
"skill_id": "471349fc-cfb2-4f59-9dbc-e57bf53ca841",
"platform": "ClaudeCode"
}
}
{
"mcpServers": {
"skill-store": {
"url": "https://aiskillstore.io/mcp/"
}
}
}
Inline secret and credential leak scanner: detects AWS/GCP/Azure/OpenAI/Stripe/GitHub keys, Korean PII (SSN checksum, Luhn card), JWT, private keys — scan/mask/tokenize modes. Zero external dependencies.
Compatible Platforms any
Findings: ["메타데이터 경고: 권장 필드 없음: 'requirements' (SKILL.md v2 권장)", "메타데이터 경고: 권장 필드 없음: 'changelog' (SKILL.md v2 권장)"]
✅ No security risks found.
AI Review Stage
1. **권한 일치**: 메타데이터에 `network: false`, `filesystem: false`, `subprocess: false`로 명확히 선언되어 있으며, 제공된 코드 스니펫 및 정적 분석 결과에서 해당 권한을 위반하는 동작은 발견되지 않았습니다. `os` 모듈 임포트가 있지만, 선언된 권한 제약 하에서는 파일 시스템 접근이나 서브프로세스 실행이 불가능합니다. 2. **악의적 목적 없음**: 스킬의 목적은 시크릿 탐지 및 마스킹/토큰화로, 사용자 데이터를 보호하는 데 초점을 맞추고 있습니다. 데이터 탈취나 시스템 파괴를 위한 코드는 발견되지 않았으며, 제한적인 권한으로 인해 그러한 행위가 불가능합니다. 3. **외부 통신 없음**: `network: false` 선언으로 외부 통신이 차단됩니다. 4. **데이터 무단 수집/전송 없음**: 스킬은 입력된 텍스트를 로컬에서 처리하며, `network: false` 권한으로 인해 외부로 데이터를 전송할 수 없습니다. `token_map`은 토큰화된 텍스트를 역매핑하기 위한 내부 데이터로, 무단 수집/전송에 해당하지 않습니다. 5. **코드 품질**: 스킬의 설명, 기능, 입출력 스키마, 예시가 일관되며, 'Zero external dependencies'라는 설명과 같이 표준 라이브러리만을 사용하는 것으로 보아 코드 품질이 양호하고 스킬의 목적에 부합합니다.
Representative input/output examples for this skill. Agents can use these to understand how to invoke the skill and what output to expect.
텍스트에서 AWS Access Key ID를 탐지합니다.
{
"action": "scan",
"text": "config: aws_access_key_id=AKIAIOSFODNN7EXAMPLE aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
}
{
"action": "scan",
"findings": [
{
"category": "aws",
"end": 48,
"fix_hint": {
"action": "\ud574\ub2f9 \ud0a4\ub97c \uc989\uc2dc \ud3d0\uae30\ud558\uace0 AWS IAM\uc5d0\uc11c \uc0c8 \ud0a4\ub97c \ubc1c\uae09\ubc1b\uc73c\uc138\uc694.",
"doc_ref": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html",
"example": "\ud658\uacbd\ubcc0\uc218 AWS_ACCESS_KEY_ID \uc0ac\uc6a9 \uad8c\uc7a5",
"summary": "AWS Access Key\uac00 \ud14d\uc2a4\ud2b8\uc5d0 \ub178\ucd9c\ub418\uc5c8\uc2b5\ub2c8\ub2e4."
},
"label": "AWS Access Key ID",
"matched": "AKIAIOSF***",
"severity": "critical",
"start": 28
}
],
"is_clean": false,
"stats": {
"by_category": {
"aws": 2
},
"by_severity": {
"critical": 2
},
"scanned_chars": 103,
"total_findings": 2
}
}
OpenAI sk- 접두사 API 키를 탐지합니다.
{
"action": "scan",
"text": "OPENAI_API_KEY=sk-proj-abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRST"
}
{
"action": "scan",
"findings": [
{
"category": "openai",
"end": 79,
"fix_hint": {
"action": "platform.openai.com\uc5d0\uc11c \ud574\ub2f9 \ud0a4\ub97c \uc989\uc2dc \ucde8\uc18c\ud558\uc138\uc694.",
"doc_ref": "https://platform.openai.com/account/api-keys",
"example": "\ud658\uacbd\ubcc0\uc218 OPENAI_API_KEY \uc0ac\uc6a9 \uad8c\uc7a5",
"summary": "OpenAI API Key\uac00 \ud14d\uc2a4\ud2b8\uc5d0 \ud3ec\ud568\ub418\uc5b4 \uc788\uc2b5\ub2c8\ub2e4."
},
"label": "OpenAI API Key",
"matched": "sk-proj-***",
"severity": "critical",
"start": 15
}
],
"is_clean": false,
"stats": {
"by_category": {
"openai": 1
},
"by_severity": {
"critical": 1
},
"scanned_chars": 79,
"total_findings": 1
}
}
주민등록번호 형식과 체크 digit을 검증하여 실제 유효한 번호를 탐지합니다.
{
"action": "scan",
"text": "\uc2e0\uccad\uc790 \uc8fc\ubbfc\ubc88\ud638: 900101-1234567 \uc5f0\ub77d\ucc98: 010-1234-5678"
}
{
"action": "scan",
"findings": [
{
"category": "korean_ssn",
"end": 23,
"fix_hint": {
"action": "\uac1c\uc778\uc815\ubcf4\ubcf4\ud638\ubc95\uc5d0 \ub530\ub77c \uc8fc\ubbfc\ubc88\ud638 \uc218\uc9d1\u00b7\uc804\uc1a1\uc740 \uc5c4\uaca9\ud788 \uc81c\ud55c\ub429\ub2c8\ub2e4.",
"doc_ref": "https://www.law.go.kr/\ubc95\ub839/\uac1c\uc778\uc815\ubcf4\ubcf4\ud638\ubc95",
"example": "\ub9c8\uc2a4\ud0b9 \ucc98\ub9ac: 900101-1******",
"summary": "\uc8fc\ubbfc\ub4f1\ub85d\ubc88\ud638\uac00 \ud14d\uc2a4\ud2b8\uc5d0 \ub178\ucd9c\ub418\uc5c8\uc2b5\ub2c8\ub2e4."
},
"label": "Korean SSN (\uc8fc\ubbfc\ub4f1\ub85d\ubc88\ud638)",
"matched": "900101-1***",
"severity": "critical",
"start": 9
}
],
"is_clean": false,
"stats": {
"by_category": {
"korean_ssn": 1
},
"by_severity": {
"critical": 1
},
"scanned_chars": 41,
"total_findings": 1
}
}
Luhn 알고리즘으로 유효한 신용카드 번호만 탐지합니다.
{
"action": "scan",
"text": "\uacb0\uc81c \uce74\ub4dc: 4532015112830366 (Visa) \ub610\ub294 9999-1111-2222-3333"
}
{
"action": "scan",
"findings": [
{
"category": "korean_card",
"end": 23,
"fix_hint": {
"action": "\uce74\ub4dc\uc0ac\uc5d0 \ud574\ub2f9 \uce74\ub4dc \uc815\uc9c0 \uc694\uccad \ubc0f \uc0c8 \uce74\ub4dc \ubc1c\uae09\uc744 \ubc1b\uc73c\uc138\uc694.",
"doc_ref": "https://www.pcisecuritystandards.org/",
"example": "PCI DSS \uaddc\uc815\uc5d0 \ub530\ub77c \uce74\ub4dc\ubc88\ud638\ub294 \uc554\ud638\ud654 \uc800\uc7a5/\uc804\uc1a1 \ud544\uc218",
"summary": "\uc720\ud6a8\ud55c \uc2e0\uc6a9\uce74\ub4dc \ubc88\ud638\uac00 \ud0d0\uc9c0\ub418\uc5c8\uc2b5\ub2c8\ub2e4 (Luhn \uac80\uc99d \ud1b5\uacfc)."
},
"label": "Credit Card Number (Luhn valid)",
"matched": "45320151***",
"severity": "critical",
"start": 7
}
],
"is_clean": false,
"stats": {
"by_category": {
"korean_card": 1
},
"by_severity": {
"critical": 1
},
"scanned_chars": 51,
"total_findings": 1
}
}
eyJ 접두사 JWT 토큰을 탐지합니다.
{
"action": "scan",
"text": "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U"
}
{
"action": "scan",
"findings": [
{
"category": "jwt",
"end": 150,
"fix_hint": {
"action": "\uc11c\ubc84\uc5d0\uc11c \ud574\ub2f9 \ud1a0\ud070\uc744 \uc989\uc2dc \ubb34\ud6a8\ud654(blacklist)\ud558\uc138\uc694.",
"doc_ref": "https://cheatsheetseries.owasp.org/cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html",
"example": "JWT\ub294 \uba54\ubaa8\ub9ac\uc5d0\ub9cc \uc800\uc7a5\ud558\uace0 \ub85c\uadf8/\uc2ac\ub799/\uc774\uc288\uc5d0 \uc808\ub300 \ud3ec\ud568\ud558\uc9c0 \ub9c8\uc138\uc694.",
"summary": "JWT \ud1a0\ud070\uc774 \ub178\ucd9c\ub418\uc5c8\uc2b5\ub2c8\ub2e4. \ud0c8\ucde8 \uc2dc \uc138\uc158 \ud558\uc774\uc7ac\ud0b9 \uc704\ud5d8\uc774 \uc788\uc2b5\ub2c8\ub2e4."
},
"label": "JWT Token",
"matched": "eyJhbGci***",
"severity": "high",
"start": 22
}
],
"is_clean": false,
"stats": {
"by_category": {
"jwt": 1
},
"by_severity": {
"high": 1
},
"scanned_chars": 150,
"total_findings": 1
}
}
탐지된 시크릿을 *** 로 마스킹하여 안전한 텍스트를 반환합니다.
{
"action": "mask",
"keep_prefix": 4,
"keep_suffix": 4,
"text": "API key is sk-proj-abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRST and DB password"
}
{
"action": "mask",
"findings": [
{
"category": "openai",
"end": 75,
"fix_hint": {
"action": "\uc6d0\ubcf8 \ud0a4\ub97c \uc989\uc2dc \ud3d0\uae30\ud558\uc138\uc694.",
"doc_ref": "https://platform.openai.com/account/api-keys",
"example": "\ub9c8\uc2a4\ud0b9\ub41c \ud14d\uc2a4\ud2b8\ub97c \ub85c\uadf8/\uc2ac\ub799 \uc804\uc1a1\uc5d0 \ud65c\uc6a9\ud558\uc138\uc694.",
"summary": "OpenAI API Key\uac00 \ub9c8\uc2a4\ud0b9\ub418\uc5c8\uc2b5\ub2c8\ub2e4."
},
"label": "OpenAI API Key",
"matched": "sk-proj-***",
"severity": "critical",
"start": 11
}
],
"is_clean": false,
"masked_text": "API key is sk-p****************************QRST and DB password",
"stats": {
"by_category": {
"openai": 1
},
"by_severity": {
"critical": 1
},
"scanned_chars": 88,
"total_findings": 1
}
}
시크릿이 없는 일반 텍스트에서 오탐이 발생하지 않는지 검증합니다.
{
"action": "scan",
"text": "Hello, this is a regular message. The project deadline is 2024-12-31. Contact: user@example.com"
}
{
"action": "scan",
"findings": [],
"is_clean": true,
"stats": {
"by_category": {},
"by_severity": {},
"scanned_chars": 94,
"total_findings": 0
}
}
Detects RSA/EC/SSH PEM format private key blocks in text.
{
"action": "audit",
"text": "config dump contains private key pem block"
}
{
"action": "audit",
"findings": [
{
"category": "private_key",
"end": 42,
"fix_hint": {
"action": "\ud574\ub2f9 \ud0a4 \uc30d\uc744 \uc989\uc2dc \ud3d0\uae30\ud558\uace0 \uc0c8 \ud0a4\ub97c \uc0dd\uc131\ud558\uc138\uc694.",
"doc_ref": "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html",
"example": "Private key\ub294 \ud30c\uc77c \uc2dc\uc2a4\ud15c\uc5d0 600 \uad8c\ud55c\uc73c\ub85c \uc800\uc7a5\ud558\uace0 \ud14d\uc2a4\ud2b8\uc5d0 \ud3ec\ud568\ud558\uc9c0 \ub9c8\uc138\uc694.",
"summary": "Private Key PEM \ube14\ub85d\uc774 \ud14d\uc2a4\ud2b8\uc5d0 \ub178\ucd9c\ub418\uc5c8\uc2b5\ub2c8\ub2e4."
},
"label": "Private Key (PEM block)",
"matched": "PEM_KEY_BLOCK***",
"severity": "critical",
"start": 0
}
],
"is_clean": false,
"stats": {
"by_category": {
"private_key": 1
},
"by_severity": {
"critical": 1
},
"scanned_chars": 42,
"total_findings": 1
}
}
All examples are also available via the agent API:
/v1/agent/skills/471349fc-cfb2-4f59-9dbc-e57bf53ca841/schema
No reviews yet. Be the first to leave one!