diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 00000000..3e262ed5
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,6 @@
+repos:
+ - repo: https://github.com/ibm/detect-secrets
+ rev: 0.13.1+ibm.62.dss
+ hooks:
+ - id: detect-secrets # pragma: whitelist secret
+ args: [--baseline, .secrets.baseline, --use-all-plugins, --fail-on-unaudited]
\ No newline at end of file
diff --git a/.secrets.baseline b/.secrets.baseline
index bc173c72..fafda2d6 100644
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -3,7 +3,6 @@
 "files": "^.secrets.baseline$",
 "lines": null
 },
- "generated_at": "2024-06-03T10:11:05Z",
 "plugins_used": [
 {
 "name": "AWSKeyDetector"
diff --git a/build-locally.sh b/build-locally.sh
index 27f67a0c..50a9527d 100755
--- a/build-locally.sh
+++ b/build-locally.sh
@@ -227,6 +227,7 @@ function check_secrets {
 error "Not all secrets found have been audited"
 exit 1
 fi
+ sed -i '' '/[ ]*"generated_at": ".*",/d' .secrets.baseline
 success "secrets audit complete"
 }
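Review bot: `rev: 0.13.1+ibm.62.dss` pins the hook to a tag, which the upstream repository can move, and this hook's code runs on every contributor's machine at commit time. Pinning `rev` to the full commit SHA that the tag currently resolves to, with the tag kept as a trailing comment, makes the executed code immutable: `rev: <full-commit-sha>  # 0.13.1+ibm.62.dss`. The file also ends without a trailing newline.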
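Review bot: The added `sed -i '' ...` line in check_secrets uses the BSD/macOS form of `-i`. GNU sed takes the separate empty string as the script and the delete expression as a file name, so on Linux the `generated_at` line stays in `.secrets.baseline` and sed exits with an error. The exit status is not checked, so `success "secrets audit complete"` is still printed unless the script runs under `set -e`, which is not visible in this hunk. A form that works with both seds and stops on failure is `sed -i.bak '/[ ]*"generated_at": ".*",/d' .secrets.baseline && rm -f .secrets.baseline.bak || { error "could not normalise .secrets.baseline"; exit 1; }`. The body of check_secrets begins outside the hunk.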