Gitleaks
Open-source secret scanner for finding passwords, API keys, tokens, and other credentials in git history, files, directories, and stdin.
Open the source and read safety notes before installing.
Safety notes
- Gitleaks can scan git history and large directories, so scope scans intentionally and use baselines for noisy legacy repositories.
- Findings may include real active credentials; treat reports, CI logs, and exported SARIF or JSON artifacts as sensitive.
- The upstream README states Gitleaks is feature complete and future releases are expected to be security patches only.
Privacy notes
- Scans inspect repository contents, file contents, commit metadata, and streamed input for credential-like strings.
- Report files and verbose logs can contain secret values unless redaction and artifact retention are configured carefully.
- CI integrations may expose findings to workflow logs, code-scanning systems, or third-party build infrastructure.
Prerequisites
- A repository, directory, file, or stdin stream that you are authorized to scan.
- Gitleaks installed through Homebrew, Docker, Go, a release binary, pre-commit, or the official GitHub Action.
- A plan for handling findings, baselines, and allowed test credentials without exposing real secrets in reports.
Schema details
- Install type: copy
- Troubleshooting: No
- Scope: Source repo
- Website: https://gitleaks.io
- Pricing: open-source
- Disclosure: editorial
- Application category: SecurityApplication
- Operating system: macOS, Windows, Linux, Docker
Full copyable content
## Editorial notes
Gitleaks is a useful fit for AI-generated code review because agents can accidentally introduce placeholders, copied credentials, or leaked tokens into diffs. Running a focused Gitleaks scan before merge gives maintainers a concrete check for secret exposure across working trees, files, stdin, and git history.
## Source notes
- The official README describes Gitleaks as a tool for detecting passwords, API keys, and tokens in git repositories, files, directories, and stdin.
- The README documents installation through Homebrew, Docker, Go/source builds, release binaries, pre-commit, and the Gitleaks GitHub Action.
- The documented scan modes include `git`, `dir`, and `stdin`, with redaction, report, baseline, and configuration options.
## Duplicate check
Checked current `content/tools/`, open pull requests, and repository-wide content for `Gitleaks`, `gitleaks.io`, `github.com/gitleaks/gitleaks`, `secret scanner`, `secret scanning`, and `secrets`. Existing files only mention secret scanning generically or reference Gitleaks inside broader security guidance; no dedicated Gitleaks tools entry or open duplicate PR was found.
## Disclosure
Editorial listing. No paid placement or affiliate link is used.