diff --git a/project_name/.pre-commit-config.yaml.jinja b/project_name/.pre-commit-config.yaml.jinja
index 14d5c5c..6704ac6 100644
--- a/project_name/.pre-commit-config.yaml.jinja
+++ b/project_name/.pre-commit-config.yaml.jinja
@@ -87,6 +87,13 @@ repos:
       # UTF-8 encoding
       - id: text-unicode-replacement-char
 
+  # Security
+  - repo: https://github.com/Yelp/detect-secrets
+    rev: <placeholder_until_update_deps>
+    hooks:
+      - id: detect-secrets
+        args: ['--baseline', '.secrets.baseline']
+
   # All files
   - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
     rev: <placeholder_until_update_deps>
diff --git a/project_name/justfile.jinja b/project_name/justfile.jinja
index 7710a02..dca51bb 100644
--- a/project_name/justfile.jinja
+++ b/project_name/justfile.jinja
@@ -18,6 +18,10 @@ init: && prepare
   just deps-update
   git add --all
   [ -z "$(git status --porcelain)" ] || git commit -m "⬆️ Updated project dependencies"
+  uvx --from detect-secrets detect-secrets-hook $(git ls-files)
+  uvx --from detect-secrets detect-secrets scan > .secrets.baseline
+  git add .secrets.baseline
+  git commit -m "🔒 Add detect-secrets baseline"
 
 # Setup the project after cloning
 prepare: