Leakferret

Name: Leakferret
Author: leakferrethq

leakferrethq/leakferret

Let the agent scan staged changes for secrets, verify findings, and rewrite leaks before you commit or ship.

Overview

Leakferret MCP is a MCP server for the Ship phase that lets your agent scan, verify, and rewrite secrets before committing code.

What is this MCP server?

Context-aware secret scanning designed for agent-driven pre-commit review
Verify findings so the agent does not blindly redact benign strings
Rewrite or remediate detected secrets before commits land in history
stdio MCP via npm @leakferret/mcp (registry 0.1.9)
GitHub-hosted leakferrethq/leakferret for trust and updates
Registry version 0.1.9; npm identifier @leakferret/mcp
stdio transport; repository github.com/leakferrethq/leakferret
Described capability triad: scan, verify, rewrite before committing

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Community signal: 3 GitHub stars.

What problem does it solve?

It is easy to paste API keys into config or logs and only notice after git history or a public push makes rotation painful.

Who is it for?

Solo developers who want agent-assisted secret checks on every sensitive edit without standing up enterprise secret scanners first.

Skip if: Organizations that need full compliance programs, runtime secret managers only, or scanning with zero agent involvement.

What do I get? / Deliverables

The agent can run Leakferret-backed scans, confirm real leaks, and produce safer rewrites before you commit or deploy.

Verified secret findings with context-aware classification
Suggested or applied rewrites removing exposed credentials
Safer commits without keys in tracked files

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Secret hygiene is a pre-ship gate—catching credentials before they hit git or production aligns with the ship phase. Security subphase covers secret scanning and remediation in the dev loop, not post-launch monitoring alone.

How it compares

Pre-commit secret-scan MCP, not infrastructure monitoring or pentest automation marketplace skills.

Common Questions / FAQ

Who is Leakferret MCP for?

Individual builders and small teams using AI coding agents who want automated secret detection and rewrite help right before commits.

When should I use Leakferret MCP?

Use it during ship-phase security whenever you change env files, tokens, CI secrets, or integrations and before you commit or open a PR.

How do I add Leakferret MCP to my agent?

Add stdio MCP for @leakferret/mcp from npm per registry 0.1.9, restart Claude Code or Cursor, then call the server's scan and verify tools on your diff.

Leakferret

leakferrethq/leakferret

Let the agent scan staged changes for secrets, verify findings, and rewrite leaks before you commit or ship.

Overview

Leakferret MCP is a MCP server for the Ship phase that lets your agent scan, verify, and rewrite secrets before committing code.

What is this MCP server?

Context-aware secret scanning designed for agent-driven pre-commit review
Verify findings so the agent does not blindly redact benign strings
Rewrite or remediate detected secrets before commits land in history
stdio MCP via npm @leakferret/mcp (registry 0.1.9)
GitHub-hosted leakferrethq/leakferret for trust and updates
Registry version 0.1.9; npm identifier @leakferret/mcp
stdio transport; repository github.com/leakferrethq/leakferret
Described capability triad: scan, verify, rewrite before committing

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Community signal: 3 GitHub stars.

What problem does it solve?

It is easy to paste API keys into config or logs and only notice after git history or a public push makes rotation painful.

Who is it for?

Solo developers who want agent-assisted secret checks on every sensitive edit without standing up enterprise secret scanners first.

Skip if: Organizations that need full compliance programs, runtime secret managers only, or scanning with zero agent involvement.

What do I get? / Deliverables

The agent can run Leakferret-backed scans, confirm real leaks, and produce safer rewrites before you commit or deploy.

Verified secret findings with context-aware classification
Suggested or applied rewrites removing exposed credentials
Safer commits without keys in tracked files

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Pre-commit secret-scan MCP, not infrastructure monitoring or pentest automation marketplace skills.

Common Questions / FAQ

Who is Leakferret MCP for?

Individual builders and small teams using AI coding agents who want automated secret detection and rewrite help right before commits.

When should I use Leakferret MCP?

Use it during ship-phase security whenever you change env files, tokens, CI secrets, or integrations and before you commit or open a PR.

How do I add Leakferret MCP to my agent?

Add stdio MCP for @leakferret/mcp from npm per registry 0.1.9, restart Claude Code or Cursor, then call the server's scan and verify tools on your diff.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Leakferret MCP for?

When should I use Leakferret MCP?

How do I add Leakferret MCP to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Leakferret MCP for?

When should I use Leakferret MCP?

How do I add Leakferret MCP to my agent?