Developed and integrated a pre-commit secret scanning workflow for the NHSDigital/identity-service-jwks repository, focusing on enhancing security hygiene and delivery quality. Leveraged bash scripting and git hooks to implement Gitleaks, ensuring that hard-coded secrets are detected before code is committed. The solution included supporting scripts and configurations to streamline adoption in local development environments, reducing the risk of secrets leakage and improving compliance readiness. By embedding secret scanning into the development workflow, the work established a foundation for future automated policy enforcement in CI/CD pipelines, demonstrating a methodical approach to security best practices and scalable code quality controls.