xFreed0m

xFreed0m / ghosttype

Public

Local forensic scanner that extracts credentials from AI tool conversation history. For authorized red team and DLP use only.

38
4
69% credibility
Found May 23, 2026 at 38 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

ghosttype is a local security scanner that helps authorized security professionals audit AI coding assistant conversations for accidentally exposed credentials. It automatically detects installed AI tools on your computer, extracts their conversation history files, and scans them for secrets like API keys, passwords, and authentication tokens. The tool uses two complementary detection methods: one that verifies whether found credentials are actually live by checking with the issuing service, and another that catches credential-like patterns that might have been missed. Results are delivered as detailed reports showing exactly where each credential was found, what type it is, and whether it poses an active risk. This helps security teams identify and rotate compromised credentials before they can be exploited.

How It Works

1
🔍 You hear about a security concern

Your team lead mentions that AI coding assistants might accidentally store sensitive credentials in their conversation history, and you need to check if any are exposed.

2
📦 You install the scanner

You download and set up ghosttype on your computer, which comes with a quick health-check command to make sure everything is working properly.

3
🤖 It automatically finds your AI tools

The scanner detects which AI tools you have installed—whether it's Claude Code, Cursor, Codex, or ChatGPT—and prepares to examine their conversation files.

4
You run the scan

With one simple command, the scanner dives into all your AI conversation files, hunting for any credentials that might have been accidentally saved.

5
Two detection methods work together
Live verification

The first method confirms with the credential issuer whether each found secret is still active and valid.

🔎
Pattern matching

The second method uses pattern recognition to find credential-like strings that might have slipped through.

6
📊 You receive a detailed report

The scanner produces easy-to-read files showing exactly where each credential was found, what type it is, and whether it was verified as live.

🎉 Your security audit is complete

You now know which credentials were exposed in your AI conversations, which are still active, and can immediately start rotating the at-risk ones to keep your systems safe.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 38 to 38 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is ghosttype?

ghosttype is a Python-based forensic scanner that digs through your AI tool conversation history to find exposed credentials and secrets. It extracts credentials from chat logs stored by tools like Claude Code, Cursor, Codex, and ChatGPT Desktop, then runs them through TruffleHog to verify whether they're actually live. The tool outputs findings as JSON or CSV, with each result linked back to the source conversation file so you know exactly where the exposure happened. It runs entirely locally, making it suitable for air-gapped environments where you don't want verification calls hitting external APIs.

Why is it gaining traction?

The hook here is the verification step. Most credential scanners just flag patterns; ghosttype actually calls the provider's API to confirm whether a found credential is still active. This is a game-changer for triage work, because it separates rot from live fire. The dual-engine approach also catches loose variable-name patterns that strict structural detectors miss. The CLI is straightforward: `ghosttype scan` to run everything, `ghosttype doctor` to check your environment, `--only-verified` to surface only live credentials, and `--no-verification` for a fast offline pass. The `--redact` flag handles sensitive output cleanly.

Who should use this?

Licensed penetration testers and red team operators running under explicit written authorization will find this most useful for documenting credential exposure during engagements. DLP and blue teams can use it to audit developer machines for secrets left in AI tool history before they become incidents. If you're an individual developer who has pasted API keys or tokens into ChatGPT or Claude while debugging, this is a way to find and rotate them before someone else does.

Verdict

At 38 stars with a 0.699999988079071% credibility score, this is early-stage and niche. The code is well-structured with solid test coverage and pre-commit hygiene, but the project is young and the documentation reflects it. If you're in an authorized testing role, the verification-first approach justifies the dependency on TruffleHog. Everyone else should wait for broader adoption before betting on it for production workflows.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.