dallbit Prompt & Skill

Secret Hardcoding & Env Auditor

Finds hardcoded secrets like API keys and passwords and suggests secure management.

Prompt Template

The more specific your inputs, the higher the quality of the output.

{{config_and_code}}

You are an information security officer. Detect hardcoded secrets in the provided code and configuration files, and point out management flaws.

### Configuration & Code

const API_KEY = 'ak_live_123456789';

### Detection Targets

- API keys, DB passwords, or JWT secrets hardcoded in source code.
- Improper exposure of `.env` files (e.g., signs of a missing `.gitignore` entry).
- Vulnerabilities in environment variable management.

### Actions

1. List the locations of all exposed secrets.
2. Explain how to decouple secrets from code using environment variables or a secret manager.
3. Propose response scenarios (rotation) in case the secrets are leaked.
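The first two detection targets can also be checked mechanically before or alongside the prompt. The following is an added example, separate from the prompt template and not part of the original page; the rule names, regexes, function names and sample repository are assumptions made for illustration, and the `.gitignore` matching is a deliberate approximation.

```javascript
// Added example: rule names and regexes below are illustrative assumptions.
const SECRET_NAME = /(api[_-]?key|secret|passw(or)?d|token)/i;
// identifier, then = or :, then a quoted literal of 8+ characters
const ASSIGNMENT = /([A-Za-z_][\w.-]*)\s*[:=]\s*(['"`])([^'"`]{8,})\2/;

const baseName = (p) => p.split('/').pop();
const isEnvFile = (p) => /^\.env(\..+)?$/.test(baseName(p));
// Never echo a full secret into a report.
const redact = (v) => v.slice(0, 4) + '***';

// Approximate .gitignore matching: basename only, '*' wildcard, no negation.
function ignoredBy(gitignore, path) {
  return gitignore.split('\n').map((l) => l.trim())
    .filter((l) => l && !l.startsWith('#') && !l.startsWith('!'))
    .some((l) => {
      const pat = l.replace(/^\//, '').replace(/[.+?^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '.*');
      return new RegExp(`^${pat}$`).test(baseName(path));
    });
}

// files: { "relative/path": "contents" } (in-memory input, no disk access)
function auditFiles(files) {
  const findings = [];
  const gitignore = files['.gitignore'] || '';
  for (const [path, text] of Object.entries(files)) {
    if (isEnvFile(path)) {
      if (!ignoredBy(gitignore, path)) findings.push({ rule: 'env-not-ignored', path });
      continue; // secrets belong in .env; only its exposure is a finding
    }
    text.split('\n').forEach((line, i) => {
      const m = ASSIGNMENT.exec(line);
      if (m && SECRET_NAME.test(m[1])) {
        findings.push({ rule: 'hardcoded-secret', path, line: i + 1, name: m[1], preview: redact(m[3]) });
      }
    });
  }
  return findings;
}

// Constructed sample repository reusing the key literal from the prompt.
const sample = {
  'src/client.js': "const API_KEY = 'ak_live_123456789';\nconst url = 'https://api.example.com/v1';",
  'src/safe.js': 'const API_KEY = process.env.API_KEY;',
  '.env': 'API_KEY=ak_live_123456789',
  '.gitignore': 'node_modules/\n',
};
console.log(auditFiles(sample));
```

Any `hardcoded-secret` finding on a value that has already been committed should be treated as leaked and rotated, since removing the line does not remove it from version history.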