GitleaksVerifier
GitleaksVerifier is a Python-based verification tool designed to enhance the functionality of Gitleaks by rigorously validating secrets flagged during code scans.
Install / Use
/learn @aydinnyunus/GitleaksVerifierREADME
GitleaksVerifier CLI
This project provides a command-line interface (CLI) tool to verify secrets found by gitleaks. It supports various secret types and provides options for verbosity, rule filtering, and output customization.
Features
- Command-line argument parsing
- Logging configuration with colored output
- Error handling and proper exit codes
- Type hints for better code clarity
- Option to filter by specific rule ID
- JSON output with verification results
- Option to print only valid secrets
Installation
-
Clone the repository:
git clone https://github.com/aydinnyunus/GitleaksVerifier.git cd GitleaksVerifier -
Install the required dependencies:
pip install -r requirements.txt
Usage
Gitleaks Example
gitleaks git -f json -r secrets.json
Now you can use secrets.json file to verify secrets.
Basic Usage
python main.py secrets.json
Verbose Output
python main.py -v secrets.json
Filter by Rule
python main.py -r github-token secrets.json
Specify Output File
python main.py -o results.json secrets.json
Print Only Valid Secrets
python main.py --only-valid secrets.json
Show Help
python main.py --help
Example Output
The output JSON file will have the following structure:
[
{
"secret": "example_secret",
"rule_id": "github-token",
"valid": true
},
{
"secret": "invalid_secret",
"rule_id": "slack-token",
"valid": false,
"error": "HTTP 401: Unauthorized"
}
]
Supported Secrets
The tool currently verifies the following secrets:
- Generic API Key
- Cloudflare API Key
- PyPI Upload Token
- Shopify Access Token
- OpenAI API Key
- NPM Access Token
- Datadog Access Token
- Dropbox API Token
- Zendesk Secret Key
- Algolia API Key
- Slack Webhook
- Slack Token
- SauceLabs API Key
- Facebook App Secret
- Grafana Cloud API Token
- Facebook Access Token
- Firebase Token
- GitHub Token (Personal Access Token)
- GitLab Personal Access Token
- GitHub Client Secret
- GitHub SSH Key
- Twilio API Key
- Twitter API Key
- Twitter Bearer Token
- HubSpot API Key
- Infura API Key
- Mailgun Private API Token
- Mapbox API Token
- New Relic User API Key
- DeviantArt Secret Key
- Heroku API Key
- DeviantArt Token
- Pendo API Key
- SendGrid Token
- Square API Token
- Contentful API Token
- Microsoft Tenant ID
- BrowserStack API Key
- Azure Insights Key
- Cypress Record Key
Logging
The CLI uses the colorama library to provide colored output for different log levels:
- INFO: Green
- WARNING: Yellow
- ERROR: Red
- DEBUG: Blue
It leverages verification methods from streaak/keyhacks for accurate validation. Thank you for ozguralp for Google Map API Key verification.
Contact
<img target="_blank" src="https://img.icons8.com/bubbles/100/000000/linkedin.png" title="LinkedIn"> <img target="_blank" src="https://img.icons8.com/bubbles/100/000000/github.png" title="Github"> <img target="_blank" src="https://img.icons8.com/bubbles/100/000000/instagram-new.png" title="Instagram"> <img target="_blank" src="https://img.icons8.com/bubbles/100/000000/twitter-squared.png" title="LinkedIn">
Related Skills
diffs
341.8kUse the diffs tool to produce real, shareable diffs (viewer URL, file artifact, or both) instead of manual edit summaries.
clearshot
Structured screenshot analysis for UI implementation and critique. Analyzes every UI screenshot with a 5×5 spatial grid, full element inventory, and design system extraction — facts and taste together, every time. Escalates to full implementation blueprint when building. Trigger on any digital interface image file (png, jpg, gif, webp — websites, apps, dashboards, mockups, wireframes) or commands like 'analyse this screenshot,' 'rebuild this,' 'match this design,' 'clone this.' Skip for non-UI images (photos, memes, charts) unless the user explicitly wants to build a UI from them. Does NOT trigger on HTML source code, CSS, SVGs, or any code pasted as text.
openpencil
1.9kThe world's first open-source AI-native vector design tool and the first to feature concurrent Agent Teams. Design-as-Code. Turn prompts into UI directly on the live canvas. A modern alternative to Pencil.
ui-ux-designer
Use this agent when you need to design, implement, or improve user interface components and user experience flows. Examples include: creating new pages or components, improving existing UI layouts, implementing responsive designs, optimizing user interactions, building forms or dashboards, analyzing existing UI through browser snapshots, or when you need to ensure UI components follow design system standards and shadcn/ui best practices.\n\n<example>\nContext: User needs to create a new dashboard page for team management.\nuser: "I need to create a team management dashboard where users can view team members, invite new members, and manage roles"\nassistant: "I'll use the ui-ux-designer agent to design and implement this dashboard with proper UX considerations, using shadcn/ui components and our design system tokens."\n</example>\n\n<example>\nContext: User wants to improve the user experience of an existing form.\nuser: "The signup form feels clunky and users are dropping off. Can you improve it?"\nassistant: "Let me use the ui-ux-designer agent to analyze the current form UX and implement improvements using our design system and shadcn/ui components."\n</example>\n\n<example>\nContext: User wants to evaluate and improve existing UI.\nuser: "Can you take a look at our pricing page and see how we can make it more appealing and user-friendly?"\nassistant: "I'll use the ui-ux-designer agent to take a snapshot of the current pricing page, analyze the UX against Notion-inspired design principles, and implement improvements using our design tokens."\n</example>
