vibescan_scan
Scan project directories for leaked secrets, dangerous code patterns, and git hygiene issues, returning severity, location, and fix suggestions.
Instructions
Scan a project directory for leaked secrets and security issues.
Detects:
Leaked secrets: API keys, passwords, tokens in code/config/docs
Dangerous patterns: eval(), shell injection, SQL injection, pickle
Git hygiene: missing .gitignore, unignored sensitive files
14 secret categories: env files, cloud credentials, Docker, CI/CD, SSH keys, etc.
Returns issues with severity, file location, description, and fix suggestion. All scanning runs locally — your code never leaves your machine.
Args: path: Project directory to scan (default: current directory) min_severity: Minimum severity to report — critical, high, medium, low, info (default: info)
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| path | No | . | |
| min_severity | No | info |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |