GitHub Reduces Secret Scanning False Positives with LLM Verification
GitHub Blog·6 hours ago·Release
GitHub describes an improvement to secret scanning that uses context-aware LLM reasoning during verification, after candidate secrets are detected.
Instead of sending whole files or repositories to a model, the system extracts focused usage signals, such as whether a value flows into authentication, API, database, or cloud SDK code.
In tests on customer-confirmed false positives, GitHub reports a 75.76% reduction, above its 65% target, while preserving detection coverage.
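The post does not show how GitHub derives its usage signals, so the following is an added, constructed Python sketch (not GitHub's code) of the idea: for a detected candidate, inspect only a bounded window of surrounding code and report whether the bound value flows into authentication, API, database or cloud SDK usage, instead of handing the whole file to a model. The keyword patterns for each category and the one-hop variable tracing are assumptions made for the example.

```python
import re
from typing import Dict, List

# Constructed example, not GitHub's code: the four usage categories named in the
# post, each approximated here by a small keyword pattern (an assumption).
SIGNAL_PATTERNS = {
    "auth": re.compile(r"\b(authenticate|login|authorization|bearer|password|token)\b", re.I),
    "api": re.compile(r"requests\.(get|post)\(|\bfetch\(|https?://|x-api-key", re.I),
    "database": re.compile(r"\bconnect\(|psycopg2|mysql|mongodb://|postgres(ql)?://|DATABASE_URL", re.I),
    "cloud_sdk": re.compile(r"boto3|aws_secret_access_key|google\.cloud|azure\.identity|BlobServiceClient"),
}
ASSIGN = re.compile(r"^\s*([A-Za-z_]\w*)\s*(?::[^=]+)?=(?!=)")  # name = ... / name: T = ...

def usage_signals(lines: List[str], candidate_line: int, window: int = 5) -> Dict[str, object]:
    """Summarise how the value bound on `candidate_line` is used nearby.

    Only a bounded window after the candidate is inspected, and only lines that
    reference the bound variable (or a variable derived from it in one hop)
    count, so the result is a handful of booleans rather than raw source text."""
    m = ASSIGN.match(lines[candidate_line])
    tracked = {m.group(1)} if m else set()
    hits = {name: False for name in SIGNAL_PATTERNS}
    for line in lines[candidate_line + 1 : candidate_line + 1 + window]:
        if not any(re.search(rf"\b{re.escape(v)}\b", line) for v in tracked):
            continue
        for name, pat in SIGNAL_PATTERNS.items():
            if pat.search(line):
                hits[name] = True
        derived = ASSIGN.match(line)
        if derived:  # e.g. headers = {... API_KEY ...}: follow the value one hop further
            tracked.add(derived.group(1))
    return {"variable": m.group(1) if m else None, "signals": hits}

def likely_false_positive(result: Dict[str, object]) -> bool:
    """A candidate with no usage signal at all is the case a verifier would flag as likely noise."""
    return not any(result["signals"].values())

# Constructed sample source; both string values are placeholders, not real credentials.
SAMPLE_LINES = """\
import requests
API_KEY = "AKIA-EXAMPLE-NOT-REAL-0000"
headers = {"Authorization": f"Bearer {API_KEY}"}
resp = requests.get("https://api.example.com/v1/me", headers=headers)
EXAMPLE_ID = "AKIA-EXAMPLE-NOT-REAL-1111"
print("see the docs for EXAMPLE_ID")
""".splitlines()

if __name__ == "__main__":
    for idx in (1, 4):  # candidate on line 1 is used for auth + API; line 4 is never used
        r = usage_signals(SAMPLE_LINES, idx)
        print(r["variable"], r["signals"], "likely false positive:", likely_false_positive(r))
```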