@mbijon
Created December 4, 2025 04:07
Repo security pattern search commands
# Secrets, Evals, and Unsafe practices
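# Hard-coded credentials in source files and .env files (file names go in --include, not -e)
grep -r "password\|secret\|api_key\|token" /repo --include=".env" --include=".env.local" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" --exclude-dir=node_modules 2>/dev/null | head -20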
grep -r "http://" /repo/src --include="*.ts" --include="*.tsx" 2>/dev/null | grep -v "https://" | head -20
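# Dynamic code execution and raw-HTML sinks (-E so that | and () act as regex operators)
grep -rE "(eval|Function)\(|dangerouslySetInnerHTML|__html|v-html" /repo --exclude-dir=node_modules 2>/dev/null | head -20
# Static HTML files under any public/ directory
find /repo -path "*/public/*" -name "*.html" -not -path "*/node_modules/*" 2>/dev/null | head -20
# Client-side storage and cookie access
grep -rE "localStorage|sessionStorage|document\.cookie" /repo --exclude-dir=node_modules 2>/dev/null | head -20
# User-agent and navigator checks
grep -rE "userAgent|navigator\." /repo --exclude-dir=node_modules 2>/dev/null | head -20
# Input validation and sanitization in components
grep -rE "maxLength|minLength|pattern=|validation|sanitize" /repo/src/components 2>/dev/null | head -20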
# JS and NPM
# Outbound HTTP call sites
grep -rE "fetch\(|axios\.|XMLHttpRequest" /repo --exclude-dir=node_modules 2>/dev/null | head -20
find /repo -name "*.md" -type f | grep -v node_modules | head -10
# Leftover console logging
grep -rE "console\.(log|warn|error|debug|info)" /repo --exclude-dir=node_modules 2>/dev/null | head -20
npm list --depth=1 2>/dev/null | grep -E "(helmet|cors|rate-limit|express-rate)" | head -20
####
# npm list --depth=0 2>/dev/null
# cat /repo/package.json | grep -A 5 -B 5 "dependencies"
####
# Git
git check-ignore .env 2>/dev/null && echo "✓ .env is ignored" || echo "X_X .env is NOT ignored"
git check-ignore .env.local 2>/dev/null && echo "✓ .env.local is ignored" || echo "X_X .env.local is NOT ignored"
git log --all --full-history -- .env.local .env 2>/dev/null | head -20