Scan Commits for Secrets With an AI Prompt That Reads Context

Regex secret scanners have one job and two failure modes: they miss anything that doesn't match a known pattern, and they cry wolf on every password = "example" in a test fixture. A scan commit for secrets prompt reads the diff with context, so it can tell a live credential from a placeholder and a real token from documentation. That context is the part a regex can't do.

This isn't a replacement for gitleaks. It's the layer on top that makes the judgment calls. The prompt reviews a diff, flags genuine leaks with severity, and emits a redaction-and-remediation plan. Structured output, so a finding becomes a task instead of a line in a log nobody reads.

The pages ranking for this query are regex-tool tutorials — gitleaks, git-secrets, pre-commit hooks. They're fast and pattern-blind. None offer a context-aware prompt with a remediation contract. That's the gap a PromptsCart post fills.

What you can hand the scanner

A scan-commit-for-secrets prompt is a reusable instruction that reviews a diff for leaked credentials and returns findings with a remediation plan. The diff is the input; the context-awareness is why it beats a pattern match.

What it catches that regex tends to miss or over-flag:

• A real API key in a config file regex didn't have a pattern for
• A connection string with embedded credentials in a non-obvious format
• A private key pasted into a comment "temporarily"
• A token that looks like a placeholder but isn't (and vice versa)
• A credential reintroduced in a diff after a previous cleanup

The shared job: decide whether this string is a real secret in a real place, then say what to do about it. Judgment, not just matching.

Anatomy: diff in, redaction plan out

The prompt frames the model as a security reviewer, takes the diff in a variable, and locks the output to findings with remediation.

Variables
  {{commit_diff}}   — the unified diff to review
  {{context}}       — repo type, e.g. "public OSS" vs "internal"

Prompt
  Role: You are a security reviewer scanning a commit for leaks.
  Task: Review {{commit_diff}} for real credentials. Use the
        surrounding code to tell live secrets from placeholders.
        Ignore obvious examples and test fixtures.

Output contract
  findings: for each leak —
    type:        api_key | token | private_key | connection_string
    location:    file + line
    severity:    critical | high | medium
    is_real:     true | false  (with reasoning)
    remediation: redact + rotate + purge-from-history steps
  verdict:    SAFE | LEAKS_FOUND

The is_real field with required reasoning is the whole point. A regex flags key = "AKIA..." whether it's live or a docs example. The prompt has to argue why it's real, which both cuts false positives and makes the genuine findings credible.

Step-by-step: from diff to rotation

1. Capture the diff

A pre-commit hook, a CI step, or a manual git diff --cached all produce the input for {{commit_diff}}.

2. Set the context

{{context}} tells the prompt whether this is a public repo (assume worst case) or internal.

3. Run and read the verdict

SAFE or LEAKS_FOUND. If leaks, each carries is_real reasoning so you can dismiss the placeholders fast.

4. Act on the remediation

For a real leak, the plan is redact, rotate, purge. Rotation matters most: a pushed secret is already burned, so redacting without rotating is theater.

5. Add patterns it missed

If it flags something novel, note the pattern so your fast regex layer learns it too.

Patterns that keep findings trustworthy

Force is-real reasoning. The model must justify why a string is a live secret, not just flag the shape. This is what separates a useful review from a regex tool's noise. Reasoning you can check beats a flag you can't.

Always include rotation in remediation. Redacting a committed secret without rotating it is the most common half-fix. Bake rotation into the output contract so the model never suggests redaction alone for a pushed credential.

Treat public-repo leaks as already compromised. The remediation for a secret in a public diff isn't "remove it." It's "rotate it now, then remove it." The context variable drives that severity bump.

Variables you'll set

An opinion worth holding

Regex-only secret scanning gives teams false confidence. A clean gitleaks run feels like safety, but it only means nothing matched the patterns it knew. The leaks that hurt are the ones in a format nobody wrote a rule for, and those sail straight through. A context-reading prompt as a second layer catches the unknown-shaped credential a pattern matcher structurally can't. Run the regex for speed and the prompt for judgment. One without the other is a gap.

Getting started

1. Copy the anatomy into your model of choice.
2. Feed it a real git diff --cached from a branch.
3. Set {{context}} to your repo's visibility.
4. Confirm it ignores test-fixture placeholders and flags a real key.
5. For any leak, follow redact, rotate, purge in that order.
6. Wire it as a second layer behind your fast regex scanner.

To run this on every agent-authored commit automatically, the Agent Commit Security Harness scans diffs for credentials, injection flaws, and risky dependencies, then posts a prioritized report to the PR.

For a deeper, structured audit beyond the commit level, the Application Security Audit Playbook maps the threat surface and reviews against the OWASP Top 10. See also how to choose a reusable AI prompt pack and the companion AI CI-gate prompt to block risky PRs.