hazcod

hazcod / claudleak

Public

Hunt for AI coding artifacts containing secrets.

ironpeak.beblogleaking-secrets-from-the-claud ai credential leak leakage trufflehog
54
7
100% credibility
Found Feb 18, 2026 at 23 stars 2x -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Go
AI Summary

A scanner that searches public online project folders for accidentally leaked private details in AI coding helper setups.

How It Works

1
πŸ” Discover the Scanner

You hear about a helpful tool that checks public online project folders for accidentally shared private notes from AI coding helpers.

2
πŸ“₯ Get It Ready

You easily download and prepare the scanner on your computer.

3
πŸ”— Connect to GitHub

You link your GitHub account so the tool can look at public projects.

4
πŸš€ Start Scanning

You launch the search, and it begins checking projects for those hidden private details.

5
⏳ Watch Progress

You see it working through projects, spotting any matches along the way.

πŸ“‹ See Your Results

You get a clear report of what was found, helping make the internet safer by spotting overshared info.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 23 to 54 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is claudleak?

claudleak is a Go CLI tool that scans public GitHub repositories for leaked credentials in AI coding artifacts like .claude/, .cursor/, or CLAUDE.md files containing secrets. It automates discovery, cloning, and detection using TruffleHog, outputting results as tables or JSON. Developers get a fast way to uncover bounty hunt coding wins without sifting through repos manually.

Why is it gaining traction?

It targets niche AI coding configs that broad scanners overlook, turning GitHub into a bug hunt coding playground. User-friendly flags like --max-repos, --workers, --org, and --verified-only speed up key hunt github sessions with concurrent scans and clean outputs. The hook: effortless treasure hunt coding for devs spotting real leaks amid the noise.

Who should use this?

Security researchers running bug bounty hunts or eternal hunt github sweeps on orgs like microsoft. Auditors doing scavenger hunt github for troy hunt github-style exposures in AI tools. Devs curious about product hunt github repos hiding credentials in coding artifacts.

Verdict

At 18 stars and 1.0% credibility score, claudleak feels raw but packs solid docs, easy Go installs, and focused scansβ€”try it for quick AI leak hunts. Maturity lags, so validate findings with established tools before cashing bounties.

(178 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.