sast_hardcoded_secrets
Scan source code for hardcoded secrets like API keys, tokens, and database URLs using 20+ regex patterns on string literals.
Instructions
Scan all string literals and template literals for hardcoded secrets using 20+ regex patterns: AWS keys, GitHub tokens, Slack tokens, Stripe keys, private keys, JWTs, database URLs, and more.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| path | Yes | Directory path containing source files to analyze |