Scan your GitHub repos for exposed secrets.
16 curated patterns. Zero config. Results in under 60 seconds.
No login required for public repos. 60 scans per hour shared limit.
Read-only access. We never store your code.
How it works
Three steps. No setup, no CLI, no config files.
Connect GitHub
Sign in with OAuth. Read-only access to the repos you choose.
Run a scan
Pick a repo. We fetch the file tree and match 16 secret patterns in parallel.
Review findings
Results grouped by severity. File path, line number, masked preview.
What we detect
16 curated patterns across the secrets developers leak most.
Cloud providers (critical)
- AWS Access Keys
- AWS Secret Keys
- Google API Keys
Developer tools (critical)
- GitHub Personal Tokens
- GitHub OAuth Tokens
- NPM Tokens
Payments & APIs (high)
- Stripe Live Keys
- OpenAI API Keys
- SendGrid Keys
Communications (high)
- Slack Tokens
- Twilio Credentials
- JWT Tokens
Databases (medium)
- Connection Strings with Passwords
- MongoDB URIs
Cryptography (critical)
- RSA Private Keys
- SSH Private Keys
More patterns added regularly based on user reports.
Frequently asked
Do you store my source code?
No. We fetch files from the GitHub API only during a scan and discard them immediately after. Findings are stored; code is not.
What permissions does RepoGuard need?
Read-only access to repository contents and metadata. We never request write access, and we can never modify your code.
Can I scan private repositories?
Not yet. RepoGuard currently requests the public_repo OAuth scope only, so it can't read private code. Private repo support is on the roadmap.
How is this different from GitHub secret scanning?
GitHub's built-in scanning is free but limited to partner patterns. RepoGuard adds curated patterns, severity grouping, and a focused UI for solo devs and small teams.
Can I cancel anytime?
Yes. Cancel from your account settings in one click. No phone calls, no dark patterns.
Is RepoGuard free?
Yes, fully free during the current beta. I'm still figuring out what people value enough to pay for — feedback is very welcome.