security 1 credit · ~$0.015 <10ms

Secret Scanner

POST /v1/scan/secrets

Detects hardcoded credentials in AI-generated code before they reach git or production. Every match is redacted — only the type, severity, and line number are returned.

Capabilities

  • 10 detectors: AWS, GitHub, OpenAI, Anthropic, private keys, DB URLs, passwords, high-entropy strings
  • Severity: critical / high / medium
  • Redacted output with line numbers
  • Under 10ms, no network calls

Use cases

  • Pre-commit and pre-deploy scanning of generated code
  • Coding agents writing config files
  • CI secret gates
example
curl -X POST https://api.agent-toolbox.ai/v1/scan/secrets \
  -H "Content-Type: application/json" \
  -d '{"code": "API_KEY=sk-abc123 # hardcoded"}'
response shape
{
  "verdict": "PASS" | "FLAG" | "BLOCK",
  // tool-specific findings…
  "certificate": "sha256:..."
}