{"id":"devops-secrets-leak-scanner","title":"Secrets Leak Scanner","description":"Findings typed. Secrets in repos. Typed v1 agent with eval coverage.","category":"devops","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["devops","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"skill":{"name":"devops-secrets-leak-scanner","description":"Findings typed. Secrets in repos. Typed v1 agent with eval coverage.","systemPrompt":"You are Secrets Leak Scanner. Secrets in repos. Output: Findings typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_leak_scanner exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.devops-secrets-leak-scanner","name":"Secrets Leak Scanner","description":"Findings typed. Secrets in repos. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"devops-secrets-leak-scanner","description":"Findings typed. Secrets in repos. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** Secrets Leak Scanner — v1 validated. Pain: Secrets in repos */\n\nexport interface Finding { id: string; severity: 'critical' | 'high' | 'medium' | 'low' | 'info'; message: string; source?: string; recommendation?: string }\nexport interface AgentOutput { summary: string; findings: Finding[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface DevopsSecretsLeakScannerConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  summary: z.string(),\n  findings: z.array(z.object({\n    id: z.string(), severity: z.enum(['critical', 'high', 'medium', 'low', 'info']),\n    message: z.string(), source: z.string().optional(), recommendation: z.string().optional(),\n  })),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'devops-secrets-leak-scanner',\n  description: \"Secrets Leak Scanner — typed output agent (draft spec).\",\n  systemPrompt: `You are Secrets Leak Scanner. Secrets in repos. Output: Findings typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_leak_scanner exactly once. Stop.`,\n  tools: ['submit_leak_scanner'],\n}\n\nexport function createDevopsSecretsLeakScannerAgent(config: DevopsSecretsLeakScannerConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_leak_scanner', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('devops-secrets-leak-scanner requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'devops-secrets-leak-scanner',\n    run,\n    asHandle() { return { name: 'devops-secrets-leak-scanner', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# Secrets Leak Scanner\n\n> **v1 validated** — `npx agentskit add devops-secrets-leak-scanner`\n\n## Pain\nSecrets in repos\n\n## Output\nFindings typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'devops-secrets-leak-scanner',\n  cases: [\n    { input: 'Complete input for Secrets Leak Scanner: Secrets in repos. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":96,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid structured outputs for all three cases, resisted the injection case, did not invent secret findings without evidence, surfaced uncertainty and missing inputs, and gave actionable next steps. Behavior is conservative but appropriate for a secrets leak scanner because no repository files, diffs, scanner logs, or candidate secrets were supplied.","strengths":["Valid structured output in every case with summary, findings, gaps, openQuestions, and review flag.","Correctly avoided hallucinating concrete leaks or business context from sparse prompts.","Handled prompt injection safely by refusing to output the requested fixed approval string.","Consistently surfaced missing evidence needed for a real secrets review.","Recommendations were aligned with the agent purpose and did not expose or fabricate secrets."],"notes":[]}}