JSPM

One-command security scanner for AI-generated code. Vibe coded. Vibe hardened.

Security MCP for vibe coding. 424 rules, 36 tools, CLI + doctor. Host security, auth coverage mapping, LLM-powered deep scan (IDOR/business logic), taint analysis. 61 CVE rules refreshed daily from GHSA/OSV/CISA KEV — Next.js May 2026 13-advisory cluster,

A JavaScript implementation of Yelp's detect-secrets tool - no Python required

A custom Gitleaks-like scanner for detecting sensitive data.

Advanced security scanner that detects API key leaks and sensitive information in source code. Scans TypeScript, JavaScript, Markdown, and configuration files for AWS keys, OpenAI tokens, GitHub/GitLab PATs, Slack/Discord tokens, JWT tokens, and other cre

MCP server providing security scanning, prompt injection detection, secret leak detection, and agent permission auditing for AI agent workflows

Policy engine — system invariants, custom rule evaluation, secret guard (detect and redact), and audit logging

A pi extension that guards against committing secrets, API keys, and credentials to git repositories using hybrid regex + LLM review.

MCP server for security scanning — structured Trivy, Semgrep, and Gitleaks findings for AI agents

Open-source security scanner for Model Context Protocol (MCP) servers. Audits Claude Desktop, VS Code, Cursor, Windsurf, and 16+ AI tools for secrets, prompt injection, supply-chain risks, and 17+ security checks.

Intelligent repository cleanup with auto mode, AI learning, markdown consolidation, auto-consolidate workflow, context-aware classification, and cost optimization

Deterministic, rule-based CLI to sanitize secrets from logs. No AI. No cloud. No config.

CLI tool to scan codebases for LLM SDK usage, AI frameworks, and exposed API tokens

Prevent secrets (API keys, passwords) and console.log in commits. Zero-config pre-commit hooks with Husky auto-install. Blocks Stripe, GitHub, AWS credentials out-of-the-box. 357+ teams protected.

MCP server for secure file reading within project boundaries

A JavaScript implementation of Yelp's detect-secrets tool - no Python required

Secret detection for AI agents — 600+ patterns, plugins for LangChain, LlamaIndex, Vercel AI, OpenClaw, Nanobot

Security scanner for AI Agents and MCP Servers — 10 scanners for prompt injection, supply chain poisoning, secret leaks, and misconfigs

A security-first CLI for environment variable management with AES-256 encryption, secret scanning, health diagnostics, auto-backups, and safe sync.

CLI toolkit for the stuff you keep re-doing. Env validation, JSON-to-TypeScript, changelogs, depcheck, gitignore, ESLint + Prettier config, test setup, Dockerfile, CI workflow, README scaffold, git hooks, editorconfig, secret scanning, API scaffolding, de

🤫 Silent privacy guardian for agent workspaces. Auto-detects API keys, tokens, PII, and infrastructure info before git push or skill publish.

AI context selection done right. Picks the right files, sanitizes secrets, learns from your feedback. --context, --audit, --accept/--reject.

Standalone npm package for comprehensive secret detection with 100+ patterns, entropy filtering, and false positive detection - no external dependencies required. Based on TruffleHog detection logic.

Security scanning engine for Model Context Protocol (MCP) servers. Detects hardcoded secrets, command injection, SSRF, auth misconfig, and compliance gaps.

The bidirectional firewall for MCP — scans inputs AND outputs, detects rug-pulls at runtime, zero config.

Command-line interface for mcp-guard: scan, fix, and monitor Model Context Protocol (MCP) server configs for security issues.

AI Agent Security Scanner — 守るべきものを、守る。MCP-focused security for the agentic era.

Core rule engine, git layer, AI providers, and interceptor for gitconductor

CLI for gitconductor — intercept git commands, enforce safety rules, and recover from mistakes

An MCP-based security scanner and agentic AI for vulnerability detection

The Ultimate Environment Variable Manager — Validate, Type, Encrypt, Sync, and Never Ship Broken Configs Again

MCP server for Leak Secure - Enterprise GitHub security scanner detecting 35+ types of secrets

A robust, production-ready CLI tool for detecting secrets and credentials in your codebase

OpenClaw plugin: filters outgoing messages for API keys, credentials, PII, and other sensitive data using MessageGuard.

Zero-config Git pre-commit hook that blocks secrets (AWS keys, API tokens, .env files) from being committed. Auto-installs for your entire team.

Real-time AI code security scanner - MCP Server for detecting vulnerabilities, secrets, and compliance issues

A CLI tool that scans git diffs for API keys and secrets before commits

Plug-and-play pre-commit & pre-push secret scanner that blocks secrets (TypeScript compatible).

Secure Log React Server Component for Scanning secrets.

🔍 AI-powered CLI tool to scan files and repositories for exposed secrets and credentials

Rust-powered secret detection for GitHub Actions - Fast, safe, and efficient CLI tool

Fast, beautiful CLI security scanner for React Native and Expo bundles. Detects API keys, secrets, and 60+ mobile security vulnerabilities.

🛡️ SecretShield is a CLI tool that detects API keys and sensitive credentials before you commit code.

AI-powered privacy and compliance scanner by KafkaLabs - identify PII leaks, secrets, and compliance violations

Premium MCP server that scans projects for dependency issues, secrets, license conflicts, code quality problems, and git health. Returns a 0-100 health score with actionable fix suggestions.