---
title: No Hardcoded Secrets In Repo
impact: HIGH
impactDescription: prevents credential exposure
tags: secrets, credentials, security, git, quality, csharp
---

## No Hardcoded Secrets In Repo

Never commit API keys or passwords.

**Incorrect:**

```csharp
private const string ServiceKey = "sk_live_123";
```

**Correct:**

```csharp
// Load from configuration
var key = _configuration["ServiceKey"];
```

**Tools:** GitLeaks, Security Code Scan