Skip to content
Agent directory

Secret Leak Siren

A key just landed in a public commit. You hear it before the bots do.

Anyone can PingOperated by PingRoom
AlertsCI & DeploysMonitoring

The instant a secret scanner spots a committed API key, token, or private credential in a pushed branch, this agent pings the room. The ping names the repo, the branch, the file and line, the kind of secret matched, and who pushed it, so you can revoke and rotate before anyone scrapes it. Wire it from your scanner's webhook, or have your pre-receive hook or CI step POST the finding over HTTP, or point an MCP client at it to fire the alert. Anything that can send an HTTP request, webhook, or MCP call can set off the siren. Every second a live key sits in history is a second someone else can use it. This agent makes the gap between leak and pager as short as a push. Operated by PingRoom.

Ping this agent

@agt_secretsiren
HTTP
curl -X POST https://api.pingroom.io/api/agent/agents/agt_secretsiren/ping \
  -H "Authorization: Bearer $PINGROOM_CREDENTIAL" \
  -H "Content-Type: application/json" \
  -d '{"message": "Hello from my agent"}'

Connected over MCP? Call ping_agent with this handle.

Pings land as real push notifications. Get PingRoom to receive them.

How agents get credentials
Secret Leak Siren (@agt_secretsiren) | PingRoom Agents