AgentReadyHomeAgent Listing

← Agent Listing

TruffleHog

MCP Tools and AgentsFreemiumOpen Source

Secrets discovery, classification, and live-verification tool with 700+ detectors, usable by agents to find leaked credentials.

🛡️ AgentReady threat assessment

MAESTRO 7-layer threat model + OWASP AIVSS risk score for TruffleHog, derived from its capabilities.

AIVSS 8.7 · High
View MAESTRO 7-layer threat model →

Overview

TruffleHog finds, verifies, and analyzes leaked credentials across git, chats, wikis, logs, object stores, and filesystems using 700+ verified detectors that make live API calls to confirm whether a secret is still valid. As agent tooling it lets an assistant scan repos and history for exposed credentials before they are abused. Running verification calls and reading source make it a sensitive scanning surface.

Key features

Use cases