GitHub and GitLab are widely used collaborative platforms whose issue-tracking systems contain large volumes of unstructured text, including logs, code snippets, and configuration examples. This creates a significant risk of accidental secret exposure, such as API keys and credentials, yet these platforms provide no mechanism to warn users before submission. We present \textsc{IssueGuard}, a tool for real-time detection and prevention of secret leaks in issue reports. Implemented as a Chrome extension, \textsc{IssueGuard} analyzes text as users type and combines regex-based candidate extraction with a fine-tuned CodeBERT model for contextual classification. This approach effectively separates real secrets from false positives and achieves an F1-score of 92.70\% on a benchmark dataset, outperforming traditional regex-based scanners. \textsc{IssueGuard} integrates directly into the web interface and continuously analyzes the issue editor, presenting clear visual warnings to help users avoid submitting sensitive data. The source code is publicly available at \href{https://github.com/disa-lab/IssueGuard}{https://github.com/disa-lab/IssueGuard}, and a demonstration video is available at \href{https://youtu.be/kvbWA8rr9cU}{https://youtu.be/kvbWA8rr9cU}.
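The two-stage flow the abstract describes (regex candidate extraction, then a contextual decision per candidate) can be sketched as follows. This is an added example, not code from the IssueGuard repository: the patterns, function names and sample text are assumptions, and the second stage is a simple entropy and context heuristic standing in for the fine-tuned CodeBERT classifier.

```javascript
// Added illustration, not IssueGuard's code. Patterns, names and the stage-2
// heuristic are assumptions; the tool itself uses a fine-tuned CodeBERT model.
const CANDIDATE_PATTERNS = [
  { type: "aws_access_key_id", re: /\bAKIA[0-9A-Z]{16}\b/g },
  { type: "github_pat", re: /\bghp_[A-Za-z0-9]{36}\b/g },
  // Generic "name = value" assignment; capture group 1 is the value.
  { type: "generic_assignment",
    re: /\b(?:api[_-]?key|secret|token|passw(?:or)?d)\b\s*[:=]\s*["']?([^\s"']{8,})/gi },
];

// Stage 1: regex candidate extraction; keep the enclosing line as context.
function extractCandidates(text) {
  const out = [];
  for (const { type, re } of CANDIDATE_PATTERNS) {
    for (const m of text.matchAll(re)) {
      const value = m[1] ?? m[0];
      const start = m.index + m[0].lastIndexOf(value);
      const lineStart = text.lastIndexOf("\n", start) + 1;
      const nl = text.indexOf("\n", start);
      const context = text.slice(lineStart, nl === -1 ? text.length : nl);
      out.push({ type, value, start, context });
    }
  }
  return out;
}

// Shannon entropy in bits per character.
function entropy(s) {
  const counts = {};
  for (const ch of s) counts[ch] = (counts[ch] || 0) + 1;
  return Object.values(counts).reduce((h, n) => h - (n / s.length) * Math.log2(n / s.length), 0);
}

// Stage 2 stand-in: a contextual true/false decision per candidate.
function heuristicClassifier({ value, context }) {
  if (/example|placeholder|dummy|changeme/i.test(context)) return false;
  if (/^[<$\{]/.test(value) || /^(x+|\*+)$/i.test(value)) return false;
  return entropy(value) >= 3.0;
}

function findSecrets(text, classify = heuristicClassifier) {
  return extractCandidates(text).filter(classify);
}

// Constructed sample issue text; none of these values is a real credential.
const SAMPLE = "Deploy fails with the log below.\n" +
  "aws_access_key_id = AKIAQ7T2ZP4M9XK3LW8D\npassword: ${DB_PASSWORD}\n" +
  "docs say to set api_key=AKIAIOSFODNN7EXAMPLE first";
console.log(findSecrets(SAMPLE));
```

On the sample, stage 1 alone yields four candidates, while the second stage keeps only the constructed key on the second line; passing a different `classify` callback is where a learned model would plug in.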