Hybrid CNN-CodeBERT framework for three-class credential leakage detection reports MCC of 0.86 and macro F1 of 0.90 on a new 9,426-sample dataset across 10 languages, improving placeholder detection and cutting high-severity alerts by 33%.
IssueGuard: Real-Time Secret Leak Prevention Tool for GitHub Issue Reports
1 Pith paper cite this work. Polarity classification is still indexing.
abstract
GitHub and GitLab are widely used collaborative platforms whose issue-tracking systems contain large volumes of unstructured text, including logs, code snippets, and configuration examples. This creates a significant risk of accidental secret exposure, such as API keys and credentials, yet these platforms provide no mechanism to warn users before submission. We present \textsc{IssueGuard}, a tool for real-time detection and prevention of secret leaks in issue reports. Implemented as a Chrome extension, \textsc{IssueGuard} analyzes text as users type and combines regex-based candidate extraction with a fine-tuned CodeBERT model for contextual classification. This approach effectively separates real secrets from false positives and achieves an F1-score of 92.70\% on a benchmark dataset, outperforming traditional regex-based scanners. \textsc{IssueGuard} integrates directly into the web interface and continuously analyzes the issue editor, presenting clear visual warnings to help users avoid submitting sensitive data. The source code is publicly available at \href{https://github.com/disa-lab/IssueGuard}{https://github.com/disa-lab/IssueGuard} , and a demonstration video is available at \href{https://youtu.be/kvbWA8rr9cU}{https://youtu.be/kvbWA8rr9cU} .
fields
cs.SE 1years
2026 1verdicts
UNVERDICTED 1representative citing papers
citing papers explorer
-
Separating Secrets from Placeholders: A Hybrid CNN-CodeBERT Framework for Three-Class Credential Leakage Detection
Hybrid CNN-CodeBERT framework for three-class credential leakage detection reports MCC of 0.86 and macro F1 of 0.90 on a new 9,426-sample dataset across 10 languages, improving placeholder detection and cutting high-severity alerts by 33%.