How do I use credential-free?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@credential-free scan this config file for exposed API keys" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

Detects exposed Discord tokens and credentials in code and files

Detects exposed GitHub tokens and credentials in code and files

Detects exposed GitLab tokens and credentials in code and files

Detects exposed Heroku API keys and credentials in code and files

Detects exposed MongoDB connection strings and credentials in code and files

Detects exposed OpenAI API keys and credentials in code and files

Detects exposed PostgreSQL connection strings and credentials in code and files

Detects exposed Redis connection strings and credentials in code and files

Detects exposed Slack tokens and credentials in code and files

Detects exposed Square API keys and credentials in code and files

Detects exposed Stripe API keys and credentials in code and files

Detects exposed Vercel tokens and credentials in code and files

credential-free

MCP server that scans code for exposed secrets. Detects API keys, tokens, and credentials in 69 patterns across cloud, AI, payment, and auth services.

Quick Setup ( 2 minutes )

Install System-wide

⚠️ Requires Python 3.10+

# Clone and install git clone <repo-url> cd credential-free pip install -e . # Run server python -m src.server

Alternative: Requirements File

pip install -r requirements.txt python -m src.server

Add to Your IDE

Windsurf / Kiro

Edit mcp_config.json:

{ "mcpServers": { "credential-free": { "command": "/usr/bin/python3", "args": ["-m", "src.server"], "env": {} } } }

Find your Python path:

# Mac/Linux which python3 # Windows where python

Claude Desktop

Edit claude_desktop_config.json:

{ "mcpServers": { "credential-free": { "command": "/usr/bin/python3", "args": ["-m", "src.server"], "env": {} } } }

Test It

MCP Server Test

# Test the server python -c "from src.server import get_patterns; print('Server works!')"

CLI Test

# Test CLI info python -m src info # Test CLI scan python -m src scan file README.md # Test CLI with exclude patterns python -m src scan directory . --exclude-patterns '.*\.txt$'

Usage Examples

MCP Server (AI Assistant)

Ask your AI:

"scan this file for secrets"
"check my project for exposed api keys"
"what patterns do you detect?"
"find any hardcoded credentials"
"scan my project but exclude .txt files"

CLI (Standalone)

# Scan single file python -m src scan file config.py # Scan directory with exclusions python -m src scan directory . --exclude-patterns '.*\.txt$' '.*\.md$' # Scan text content python -m src scan content "AKIAIOSFODNN7EXAMPLE" # Show scanner info python -m src info

tools

MCP Tool	CLI Command	description
`scan_file`	`python -m src scan file`	scan a file for secrets
`scan_directory`	`python -m src scan directory`	scan a folder recursively (supports exclude_patterns)
`scan_content`	`python -m src scan content`	scan text directly
`get_patterns`	`python -m src info`	list detection patterns

what it detects

69 patterns across:

cloud: aws, gcp, azure, vercel, heroku
ai: openai, anthropic, huggingface, groq
payment: stripe, square
auth: github, gitlab, slack, discord
database: postgresql, mongodb, redis

example output

{ "success": true, "count": 2, "findings": [ { "type": "AWS Access Key", "value": "AKIA****MPLE", "severity": "CRITICAL", "category": "cloud" } ] }

docker

docker build -t credential-free . docker run credential-free

built for aws global vibe hackathon 2025

credential-free

credential-free

Quick Setup ( 2 minutes )

Install System-wide

Alternative: Requirements File

Add to Your IDE

Windsurf / Kiro

Claude Desktop

Test It

MCP Server Test

CLI Test

Usage Examples

MCP Server (AI Assistant)

CLI (Standalone)

tools

what it detects

example output

docker

Resources

New MCP Servers

Latest Blog Posts

MCP directory API