github-sensitive-data-cleanup
Scan and remove secrets, keys, private IPs and PII from GitHub repository history before force-push.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for github-sensitive-data-cleanup, derived from its capabilities.
AIVSS 7.8 ยท High
View MAESTRO 7-layer threat model โOverview
Community Agent Skill that scans and rewrites git history to remove leaked secrets, API keys, private domains/IPs and PII. Verifies visibility, backs up, and scans before any force push to a public repo. Runs history-rewriting and scanning commands that mutate the repository โ high security surface.
Key features
- Secret/PII history scanning
- History rewrite and force-push safety checks
- Pre-push visibility and backup verification
Use cases
- Repairing a repo after a secret leak
- Sanitizing history before making a repo public