[bradleyjkemp]

Neat! I really like the crowdsourcing element where you can easily comment on the gist to make the author aware.

Would something like https://github.com/Yelp/detect-secrets be interesting to include? Either as a filtering step to weed out false positives or to find even more secrets (i.e. that aren't near "password" or "secret")

[floverfelt]

That's a good idea! I think the biggest issue right now is the regex. It's super naive and just matches against anything containing the word "secret" or "password" which like you said results in a lot of false positives.

Let me take a look at that repo...