Scan code secrets, verify live keys, and rewrite them to env vars.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "leakferret" yet — see the docs or source repo.
Scan the current repository for potential secret leaks, list findings by file, and flag high-risk credential patterns.
A file-by-file list of leaked secrets with secret type, risk level, and location details.
Verify the scanned API keys and mark only the keys that are still live by calling the provider, then summarize the results.
A verification report for each key, distinguishing invalid, possibly live, and confirmed live credentials.
Rewrite confirmed hard-coded secrets into environment variable lookups and provide the list of required new environment variable names.
Suggested code changes or a patch, plus environment variable names and replacement guidance.
Scan files, configs, or text for leaked secrets and risky misconfigurations.
Scan code and text for leaked secrets and exposed API credentials.
Scan binary artifacts for sensitive strings and detect telemetry leak risks.
Scan Python projects and GitHub repos for vulnerabilities, secrets, and AI risk insights.
Scan source code for leaked secrets to catch security risks early.
Scan project risks and quality issues with a health score and fixes.