
Secret Scanning

Reviewed 9 April 2026
Canonical definition

Secret scanning is the automated detection of credentials, API keys, tokens, and other sensitive values that have been accidentally committed to code repositories, configuration files, or agent prompts. In AI development workflows, secret scanning should be applied to all repositories containing agent code, MCP server configurations, and prompt templates, as exposed credentials can give attackers immediate access to production systems.
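As an added illustration (not part of the original definition, and not any particular product's implementation), the sketch below scans an MCP server configuration and a prompt template line by line, combining pattern rules with an entropy check and redacting each finding before it is reported. The sample inputs, file names, rule names and the 3.5 bits-per-character threshold are constructed assumptions.

```python
import math
import re
from collections import Counter

# Rules are (name, regex); capture group 1 is the candidate secret value.
RULES = [
    ("aws-access-key-id", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
    ("private-key-block", re.compile(r"(-----BEGIN [A-Z ]*PRIVATE KEY-----)")),
    ("generic-assignment", re.compile(
        r'(?i)(?:api[_-]?key|token|secret|password)"?\s*[:=]\s*"?([A-Za-z0-9+/_-]{16,})')),
]
ENTROPY_MIN = 3.5  # bits per character; assumed cut-off for the generic rule

# Constructed samples: every credential-looking value below is fake.
MCP_CONFIG = """{
  "mcpServers": {
    "billing": {
      "command": "node",
      "env": {
        "AWS_ACCESS_KEY_ID": "AKIAEXAMPLEEXAMPLE00",
        "API_TOKEN": "${API_TOKEN}"
      }
    }
  }
}"""
PROMPT_TEMPLATE = """You are a support agent for the billing service.
Call the API with api_key = 9fQ2xLr7Vb0KzT4mWc8YhN3d when needed.
Replace token=xxxxxxxxxxxxxxxxxxxxxxxx before use.
"""

def shannon_entropy(s):
    """Entropy of the character distribution of s, in bits per character."""
    return -sum(n / len(s) * math.log2(n / len(s)) for n in Counter(s).values())

def redact(value):
    """Keep a 4-character prefix so the report never echoes the full secret."""
    return value[:4] + "*" * (len(value) - 4)

def scan(name, text):
    """Return (file, line number, rule, redacted value) for each finding."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for rule, pattern in RULES:
            for m in pattern.finditer(line):
                value = m.group(1)
                if rule == "generic-assignment" and shannon_entropy(value) < ENTROPY_MIN:
                    continue  # low-entropy filler such as "xxxx...", not a real secret
                findings.append((name, lineno, rule, redact(value)))
    return findings

if __name__ == "__main__":
    for finding in scan("mcp.json", MCP_CONFIG) + scan("prompt.txt", PROMPT_TEMPLATE):
        print(finding)
```

The `${API_TOKEN}` environment reference and the `xxxx` filler are not reported, while the hardcoded key in the config and the token pasted into the prompt are.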