Developed and integrated a security automation feature for the huggingface/smol-course repository by implementing CI/CD secrets scanning using Gitleaks. Configured a GitHub Actions workflow written in YAML to automatically scan both pull requests and pushes for exposed credentials, addressing the risk of accidental secret leaks in the development process. Leveraged expertise in CI/CD pipelines, GitHub Actions, and security tooling to ensure that sensitive information is detected before merging code. This work enhanced the repository’s security posture by embedding automated checks directly into the CI workflow, providing a proactive safeguard against credential exposure without requiring manual intervention from contributors.