
Secrets Audit MCP
Scan repos and snippets from your agent for leaked API keys and cloud credentials before commit, deploy, or sharing logs.
Overview
Secrets Audit MCP is an MCP server for the Ship phase that scans code and text for leaked secrets using 32+ provider rules, with no extra dependencies.
What is this MCP server?
- Detects leaked secrets and API keys in text and project trees
- 32+ provider-specific detection rules (AWS, GitHub, Stripe, OpenAI, and more), as cited in the server description
- Zero advertised runtime dependencies, for fast local stdio wiring
- OCI image ghcr.io/eltociear/secrets-audit-mcp:1.0.1 (server version 1.0.1) for containerized agents
- Fits pre-commit and pre-deploy agent workflows without a separate SaaS scanner
What problem does it solve?
AI-assisted coding makes it easy to embed real AWS, GitHub, Stripe, or OpenAI keys in generated files that never get caught until the repo is public or deployed.
Who is it for?
Solo builders who paste env vars into chats, generate config from agents, or ship frequently from small repos without a dedicated AppSec team.
Skip if: your organization already enforces centralized vault injection only, or your team needs runtime secret rotation and HSM governance from a single tool.
What do I get? / Deliverables
Your agent can flag provider-matched secrets during edits or reviews so you rotate keys and strip leaks before ship.
- Provider-tagged secret findings across 32+ rule families
- Agent-ready audit passes on repos or pasted content
- Shorter incident response loops before public release
Journey fit
Secret leaks blow up at Ship, when code merges and CI runs, but the same scanner helps during Build, when agents paste env examples, and during Operate, when debugging artifacts. The Security subphase is the canonical home for credential-leak detection ahead of release and alongside review gates.
How it compares
Agent-side leak scanner MCP, not a hosted vault or enterprise ASM platform.
Common Questions / FAQ
Who is Secrets Audit MCP for?
Indie developers and agent-first teams who need quick, local secret detection across common cloud and SaaS providers without standing up another security product.
When should I use Secrets Audit MCP?
Run it before commits, before opening a PR, after a long agent session that touched config, or right before deploy when you cannot afford a leaked key in production.
How do I add Secrets Audit MCP to my agent?
Add a stdio MCP entry pointing at ghcr.io/eltociear/secrets-audit-mcp:1.0.1 (or your client's equivalent OCI MCP setup), then call the audit tools from the agent on the paths or content you want scanned.