GitGuardian is now live on the Kiro Powers marketplace.

Install the Power once, and Kiro’s agent can help you use GitGuardian tools directly in your workflow. Ask it to scan your repo for secrets with the GitGuardian CLI, or remediate incidents tied to your current project through the GitGuardian MCP server.

GitGuardian’s CLI, MCP server, and built-in steering files are ready when you need them, so teams can start finding exposed secrets, resolving incidents, and reducing future exposure faster, without adding another process to manage.

Why an AI coding agent needs a secrets check

AI-assisted development is accelerating credential exposure from two directions at once. Developers ship code faster, and the models doing the writing were never trained to avoid hardcoding credentials. Developers using AI coding assistants leak secrets at roughly twice the baseline rate, according to GitGuardian's State of Secrets Sprawl 2026 report, which also found 28.6 million new secrets exposed on public GitHub in 2025. That is a 34% jump year over year, the largest single-year increase on record.

The failure mode is specific. The model writes the credential, the agent commits it, and a post-commit or CI/CD scanner finds it after it has already landed in git history. At that point, the secret is exposed, and cleanup means rotation, history rewriting, or both.

Detection has to move to the point of creation. That is what this Power does.

What Kiro Powers are

Kiro is AWS's agentic integrated development environment (IDE), built around spec-driven development. Powers are packages of expertise and tooling that load on demand when a task calls for them. Mention "is my repo safe?" or "Help me remediate leaked secrets incidents" in a Kiro session, and the GitGuardian Power activates. When the task changes, it unloads, keeping the agent's context focused instead of stuffed with every tool you have installed.

What the Power does

The Power gives Kiro's agent the ability to scan proactively across multiple surfaces:

  • Files and directories: anything on disk in the current workspace.
  • Git history: the full history of a repository, including secrets that were committed and later deleted.
  • Staged changes: specific commits, commit ranges, or pre-commit staged changes.
  • Docker images and PyPI packages: built artifacts as well as source.

Coverage also extends past the agent. The Power can install git pre-commit and pre-push hooks, so the same check holds when a human is the one committing.

When something is found, the agent guides remediation in code. Remove the hardcoded value and replace it with an environment variable or a secrets manager reference. Then rotate the exposed credential, with AWS Secrets Manager as the recommended destination for the new one. Rotation itself stays in your hands; the Power's job is making sure the leaked version never ships.

Honeytokens: a tripwire for anything that slips through

Prevention gates fail sometimes. The second capability assumes that.

Kiro's agent can generate decoy AWS credentials: fake access key and secret pairs that look real and are monitored by GitGuardian. Plant them where an attacker would look. .env.example files, internal wikis, runbooks, open repositories. If anyone touches one, an alert fires on your GitGuardian dashboard, and you know someone is inside before they reach anything real.

You can generate them as bare credentials or wrapped in realistic code (Python, JavaScript, Bash, or Terraform), convincing enough to hold up under inspection.

How it runs

Scanning works through ggshield, GitGuardian's open-source command-line interface, already on 600,000+ developer machines. Setup includes one manual step: a browser-based authentication to your GitGuardian workspace. The Kiro agent handles the rest, ggshield installation and configuration included.

Four steering files structure the Power, and Kiro loads them contextually:

  • gitguardian-platform: authentication and workspace configuration, including instance URLs.
  • scan-workflows: every scan command variant and when to use each.
  • scan-remediation: how to interpret findings and handle false positives, including when to rotate versus delete.
  • honeytoken-planting: generation and placement tactics, plus alert response.

One Power, every agent your team runs

The Kiro Power is one entry point into GitGuardian's agent-skills repository, which officially supports five agents: Claude Code (Anthropic), Codex (OpenAI), Cursor, VS Code with GitHub Copilot, and Kiro (AWS). Through the skills.sh installer, the same skills reach more than 50 additional agents, including Windsurf, Gemini CLI, OpenCode, and Cline.

For agents with hook support, Claude Code and Cursor among them, the skills screen prompts and outgoing code before anything executes. Kiro relies on the steering files described above, with the git hooks as the deterministic backstop. 

Get started

The GitGuardian Power is available now in the Kiro Powers marketplace and on GitHub. You need a GitGuardian workspace; a free account works.

Secrets detection at the point of creation is one piece of the GitGuardian platform, which secures every secret from the developer's machine to public GitHub. If your team is adopting agentic coding tools and asking what the guardrails are, this is a good place to start.

Install the Power