API key leak scanner – finds and shows credentials in your codebase

Name: API key leak scanner – finds and shows credentials in your codebase
Availability: InStock
Author: JasperBlank2001

by JasperBlank2001·Mar 9, 2026·1 point·1 comment

Visit Project View on HN

AI Analysis

●MidShip It

Yet another secret scanner, but this one's a single Python file.

Strengths

•One-file design means zero setup friction compared to TruffleHog installation.
•Provider-specific revocation links save time hunting down where to rotate keys.
•Git pre-commit hook installer blocks commits with leaked credentials automatically.

Weaknesses

•TruffleHog, gitleaks, and GitHub secret scanning already solve this comprehensively.
•Regex-based detection will miss obfuscated keys that established tools catch.

Post Description

Simple CLI tool, one Python file, no setup. Point it at a repo and it finds leaked API keys (OpenAI, Anthropic, AWS, GitHub, Stripe, etc.) and gives you the direct link to revoke each one.

Built it because I kept generating code with AI assistants and worrying about keys ending up in the wrong place. Its offbrand TruffleHog.

Similar Projects

Security●●Solid

LLM AuthZ Audit – find auth gaps and prompt injection in LLM apps

Purpose-built LLM security linter covers OWASP Top 10, but static analysis has inherent blind spots.

Big BrainSolve My Problem

iamspathan

103mo ago

Security●●Solid

Agentsec – Security scanner for AI agent installations (MCP, OpenClaw)

Bundles CI-friendly scanners that target agent-specific risks: 17 patterned secret detectors, prompt-injection and instruction‑malware heuristics, tool/SSRF and MCP auth checks, plus SARIF/JSON outputs for integration. Findings map to the OWASP Top 10 for Agentic Applications (2026) and it adds 'harden' profiles to apply safer defaults to OpenClaw/MCP installs — practical, focused ops tooling rather than a generic secret-finder.

Niche GemSolve My Problem

debu_sinha_1

233mo ago

Security●●●Banger