Scans each file in your repository for AWS access secrets and flags any vulnerabilities.
Shell-level guardrails for OpenCode. Block dangerous commands, scan for secrets, detect loops.
Secretlint CLI that scan secret/credential data.
AWS SDK for JavaScript Secrets Manager Client for Node.js, Browser and React Native
Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.
Azure Key Vault Secrets
CLI api client to easily integrate the Aikido public CI API into custom deploy scripts
An eslint rule that searches for potential secrets/keys in code
Scan your React app for renders
OCI NodeJS client for Secrets Service
A powerful, intelligent wrapper for the Gitleaks engine that provides accurate and safe secret scanning for local pre-commit hooks and CI/CD pipelines.
A secretlint rule for AWS.
Secret detection library for chat and paste contexts. 1,100+ rules from TruffleHog detectors.
Credential management facilities for Imperative, Zowe CLI, and extenders.
Security auditor for AI agent configurations. Scans Claude Code setups for vulnerabilities, misconfigs, and injection risks.
Code review CLI tool
snyk library and cli utility
AI-safe .env files: Schemas for agents, Secrets for humans.
Gamified local security CLI for hunting common code vulnerabilities from npm.
Secrets Manager middleware for the middy framework
Imagemin plugin for mozjpeg
React Native Plugin for Genius Scan SDK
(temporary fork of picomatch) Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.
A JavaScript implementation of Yelp's detect-secrets tool - no Python required
GitLab Secret Detection gem accepts text-based payloads, matches them against predefined secret detection rules (based on the ruleset used by GitLab Secrets analyzer), and returns the scan results. The gem also supports customization of the scan behaviour.
Fastlane plugin to scan Android and iOS apps for secrets and tokens
ace-git-secrets scans Git history for leaked credentials with gitleaks-backed detection, revokes supported tokens, rewrites compromised history, and blocks releases when secrets are still present.
WARNING: Contains intentional security vulnerabilities including command injection, YAML deserialization, eval injection, and hardcoded secrets. For testing GitLab dependency scanning, SAST tools, and security training ONLY. DO NOT use in production.
Context-aware secret scanning for Ruby projects. A thin wrapper around the native leakferret binary (written in Rust): it finds hardcoded secrets, confirms which ones are actually live by calling the provider, and rewrites them to read from environment variables instead. Precompiled platform gems bundle the native binary inside the gem, so a normal `gem install` ships the binary through RubyGems itself: no download, no network access, and no Rust toolchain. You can audit exactly what you are about to run with `gem unpack leakferret`. The gem never fetches and runs a binary off the internet - there is no download code to vet. On a platform without a prebuilt gem, the source gem tells you to build from source (`cargo install leakferret-cli`) or point LEAKFERRET_BIN at a binary. The API exposes Leakferret.scan, Leakferret.verify, and Leakferret.rewrite (each returning Finding objects), plus a `leakferret` command-line tool.