Hard-coded secret detected.

  • Rule ID: gitleaks
  • Source: N/A


Hard-coding secrets in a project opens them up to leakage. This rule checks for common secret types such as keys, tokens, and passwords using the popular Gitleaks library and ensures they aren't hard-coded. This rule is part of the secrets scanner and language agnostic.


Do not hard-code secrets in committed code. Instead, use environment variables and a secret management system.


Associated CWE

OWASP Top 10


This is a built in rule that represents findings from the secrets scanner.

To enable this during a scan, use the following flag

bearer scan /path/to/your-project/ --scanner=secrets,sast