MCP-native secret scanner — finds hardcoded secrets, verifies which are actually live, and rewrites the leak to read from an environment variable.
leakferret.com · main repo · docs · MIT
Most scanners stop at "this looks like a secret." leakferret goes two steps further:
- Verify — one harmless API call to the provider (AWS, GitHub, GitLab, Stripe, OpenAI, Anthropic, Slack, …) confirms which keys are still live, so you fix what's actually exploitable instead of triaging regex noise.
- Rewrite — swaps the hardcoded literal for an `os.environ` / `process.env` / `ENV.fetch` lookup, adds a `.env.example` line, and prints seed commands for your secret manager.
- MCP-native — exposes the whole pipeline over the Model Context Protocol, so a coding agent can self-check before it commits.
Privacy by construction: the full secret value never leaves your machine — only a redacted `AKIA…4XYZ` preview ever leaves the process. A dedicated test enforces it.
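The rewrite and redaction steps described above, as an added Python sketch that is not leakferret's own code: a hypothetical two-entry detector table, an `os.environ` rewrite, `.env.example` lines, `gh secret set` seed commands, and a preview that keeps only the first and last four characters. The sample source is constructed (the AWS key is AWS's documented example ID, the `ghp_` token is fake).

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Hypothetical detector table (not leakferret's catalog): literal pattern -> env var name.
DETECTORS = {
    "AWS_ACCESS_KEY_ID": re.compile(r"AKIA[0-9A-Z]{16}"),
    "GITHUB_TOKEN": re.compile(r"ghp_[A-Za-z0-9]{36}"),
}

# Constructed sample: AWS's documented example key ID plus a fake GitHub PAT.
SAMPLE_SOURCE = (
    "import boto3\n"
    'client = boto3.client("s3", aws_access_key_id="AKIAIOSFODNN7EXAMPLE")\n'
    "token = 'ghp_" + "x" * 36 + "'\n"
)

@dataclass
class Finding:
    env_var: str
    preview: str  # redacted form, the only thing that should leave the process
    line: int

def redact(secret: str) -> str:
    """Keep only the first and last four characters, e.g. AKIA…4XYZ."""
    return f"{secret[:4]}…{secret[-4:]}" if len(secret) >= 12 else "…"

def rewrite_python_source(src: str) -> tuple[str, list[str], list[Finding]]:
    """Swap each quoted secret literal for os.environ[...]; return the new source,
    .env.example lines and redacted findings (never the raw value)."""
    findings, env_example, out = [], [], []
    for lineno, line in enumerate(src.splitlines(keepends=True), start=1):
        for env_var, pat in DETECTORS.items():
            quoted = re.compile("(['\"])(" + pat.pattern + r")\1")  # literal in quotes
            for m in quoted.finditer(line):
                findings.append(Finding(env_var, redact(m.group(2)), lineno))
                if f"{env_var}=" not in env_example:
                    env_example.append(f"{env_var}=")
            line = quoted.sub(f'os.environ["{env_var}"]', line)
        out.append(line)
    new_src = "".join(out)
    if findings and not re.search(r"^import os\b", src, re.M):
        new_src = "import os\n" + new_src  # the rewritten lookups need os imported
    return new_src, env_example, findings

def seed_commands(findings: list[Finding]) -> list[str]:
    """Seed commands for a secret manager; gh's `secret set` is used as the example."""
    return [f"gh secret set {v}" for v in dict.fromkeys(f.env_var for f in findings)]
```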
```sh
cargo install leakferret-cli   # Rust
npm i -g @leakferret/cli       # npm
gem install leakferret         # Ruby
leakferret verify .            # scan, then confirm which keys are live
```

| Component | Package |
|---|---|
| 🦀 CLI / engine | leakferret — one fast Rust binary |
| 🤖 MCP server | leakferret mcp — for Claude Code, Cursor, Continue, Claude Desktop |
| ⚙️ CI | leakferret-action — SARIF → GitHub Code Scanning |
| 🧩 VS Code / Cursor | leakferret-vscode — scan on save, one-click fix |
| 💎 Ruby | leakferret-ruby |
| 📦 npm | leakferret-npm |
| 🐹 Go | leakferret-go |
| 📚 Catalog data | leakferret-catalog — signed known-public examples |
MIT-licensed engine, CLI, MCP server, and wrappers · fixture-catalog data CC-BY-SA-4.0 · maintained by Maria Khan

