Find every leaked secret on your machine — API keys in .env files, shell history, and configs.
Find every leaked secret on your machine. GhostHunt is an MCP server that scans your development machine for API keys, tokens, and credentials hiding in places you forgot to check: files scattered across projects, shell history, AWS/SSH/Docker configs, and more. Everything runs locally. No data leaves your machine. Environment files — recursively finds every , , , etc. under your home directory…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Find every leaked secret on your machine. GhostHunt is an MCP server that scans your development machine for API keys, tokens, and credentials hiding in places you forgot to check: files scattered across projects, shell history, AWS/SSH/Docker configs, and more. Everything runs locally. No data leaves your machine. Environment files — recursively finds every , , , etc. under your home directory AWS credentials — and session tokens SSH keys — unprotected private keys in Docker config — registry…