Enkryptify Agent

Enkryptify Agent watches local AI conversation/session artifacts, scans changes with Gitleaks and sends Slack alerts when potential secrets are detected.

It is designed for local developer machines and works continuously until you stop it.

Prerequisites

• Git
• Bun runtime (required to execute this project)
• Gitleaks (required)
• Slack Incoming Webhook (recommended; otherwise findings are logged locally)
• Enkryptify Secrets Manager access (to provide SLACK_WEBHOOK_URL)

---

Installation and setup (from scratch)

1. Clone the repository

git clone https://github.com/Enkryptify/enkryptify-agent.git
cd enkryptify-agent

2. Install Bun

Bun is the runtime for this repository. You can use different process managers to run it, but execution is through Bun.

Official install docs: bun.sh/docs/installation

Common install options:

• macOS / Linux:

curl -fsSL https://bun.sh/install | bash

• Windows (PowerShell):

powershell -c "irm bun.sh/install.ps1 | iex"

Verify:

bun --version

3. Install project dependencies

bun install

4. Install Gitleaks (cross-platform)

Official project: github.com/gitleaks/gitleaks
Install options and binaries: github.com/gitleaks/gitleaks/releases

• macOS (Homebrew):

brew install gitleaks

• Linux (binary release):

1. Download the correct linux_* archive from the releases page.
2. Extract it and move gitleaks to a location on PATH, for example:

chmod +x gitleaks
sudo mv gitleaks /usr/local/bin/gitleaks

• Windows (choose one):
  • winget install Gitleaks.Gitleaks
  • choco install gitleaks
  • scoop install gitleaks
  • Or download the Windows binary from the releases page.

Verify:

gitleaks version

5. Create and configure a Slack Incoming Webhook

Slack docs:

• Incoming webhooks overview: api.slack.com/messaging/webhooks
• Create a Slack app: api.slack.com/apps

Step-by-step:

1. Open api.slack.com/apps and click Create New App.
2. Choose From scratch.
3. Enter an app name (for example Enkryptify Agent Alerts).
4. Select the Slack workspace where alerts should be posted.
5. In the app settings, open Incoming Webhooks.
6. Toggle Activate Incoming Webhooks to On.
7. Click Add New Webhook to Workspace.
8. Select the destination channel (for example #security-alerts) and authorize.
9. Copy the generated webhook URL. It should look like: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX

6. Run the agent with Enkryptify-managed secrets

1. Create a free account on https://app.enkryptify.com
2. Create a project and add your SLACK_WEBHOOK_URL secret.
3. Follow the getting started steps

7. Stop the agent

• Foreground run: press Ctrl+C
• Background process stop:
  • macOS / Linux:

pkill -f "bun run index.ts"

• Windows (PowerShell):

Get-Process bun | Stop-Process -Force

---

Behavior when no Slack webhook is set

If SLACK_WEBHOOK_URL is not available, the agent still runs and prints findings to stdout. No Slack message is sent in that mode.

Troubleshooting

• Error: gitleaks is not installed or not in PATH
  • Install Gitleaks and re-run gitleaks version.
• No Slack alerts are arriving
  • Verify webhook URL is correct and active.
  • Send the curl smoke test payload above.
  • Ensure SLACK_WEBHOOK_URL is present in runtime environment.
• Nothing is detected
  • Confirm the relevant tool directories exist on your machine.
  • Confirm file changes are happening under watched paths.

Security notes

• Treat the Slack webhook URL as a secret.
• Prefer Enkryptify Secrets Manager (or equivalent secret injection) over local plaintext .env.