Scan source code for leaked secrets to catch security risks early.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "Trestle" MCP server from askskill: Run: claude mcp add 'com-trestlescan-trestle' -- npx -y @trestlescan/mcp
Please scan this code repository for API keys, access tokens, private keys, and other sensitive credentials, then list suspected leaks with file names, line numbers, and risk levels.
A list of suspected leaked credentials with locations, types, and risk notes.
Please inspect the code changes in this commit for hardcoded keys, tokens, or certificates. If any are found, identify them and provide remediation advice.
Detection results for sensitive data in the commit, along with remediation suggestions.
Please review the project's config files, sample environment files, and scripts to identify possibly exposed keys, tokens, or private connection details, then rank them by severity.
A severity-ranked list of exposed sensitive configuration issues.
Scan code secrets, verify live keys, and rewrite them to env vars.
Scan code and text for leaked secrets and exposed API credentials.
Scan files, configs, or text for leaked secrets and risky misconfigurations.
Scan binary artifacts for sensitive strings and detect telemetry leak risks.
Scan Python projects and GitHub repos for vulnerabilities, secrets, and AI risk insights.
Scan AI coding workflows for code, secrets, dependency, and tool security risks.