AgentReadyHomeAgent ListingPricing

← Agent Listing

TruffleHog

MCP Tools and AgentsFreemiumOpen Source

Secrets discovery, classification, and live-verification tool with 700+ detectors, usable by agents to find leaked credentials.

🛡️ AgentReady threat assessment

MAESTRO 7-layer threat model + OWASP AIVSS risk score for TruffleHog, derived from its capabilities.

AIVSS 8.7 · High
View MAESTRO 7-layer threat model →

These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.

Overview

TruffleHog finds, verifies, and analyzes leaked credentials across git, chats, wikis, logs, object stores, and filesystems using 700+ verified detectors that make live API calls to confirm whether a secret is still valid. As agent tooling it lets an assistant scan repos and history for exposed credentials before they are abused. Running verification calls and reading source make it a sensitive scanning surface.

Key features

Use cases