CISO Security KitSupply ChainAI CISO
Secrets Scanning in Git History
TruffleHog / Gitleaks / detect-secrets pipeline across branches and history with revocation and rotation playbook.
What this skill does
Secrets Scanning in Git History is a versioned playbook inside the CISO Security Kit. It runs on the AI CISO agent through the Procux skill runtime, producing structured, auditable output suitable for executive review and regulator submission.
- Kit
- CISO Security Kit
- Category
- Supply Chain
- Primary agent(s)
- AI CISO
- Tags
- supply-chain, secrets, git, rotation
How to use it
- Sign in to your Procux workspace and open the platform dashboard.
- Pick the AI CISO agent, then pick Secrets Scanning in Git History from the CISO Security Kit catalog.
- Provide the required inputs (repo, document, endpoint, jurisdiction) — the agent runs the playbook and returns a structured report.
- Review, iterate, or export (PDF / JSON / Markdown) as part of your internal review cycle.
Related skills
- CI/CD Pipeline HardeningHarden CI/CD: OIDC federation, pinned action SHAs, least-privilege runners, SBOM + signing on release.
- Container Image ScanningTrivy / Grype / Snyk scanning and base-image hygiene; CVE triage workflow gated at build and admission.
- SBOM Generation & AnalysisCycloneDX / SPDX SBOM generation, consumption, and exploitability triage aligned with NTIA minimum elements.