Skip to main content
Glama
skutry

credential-free

by skutry
OverviewSchemaRelated ServersScoreDiscussions
Python
Hybrid

credential-free

MCP server that scans code for exposed secrets. Detects API keys, tokens, and credentials in 69 patterns across cloud, AI, payment, and auth services.

Quick Setup ( 2 minutes )

Install System-wide

⚠️ Requires Python 3.10+

# Clone and install git clone <repo-url> cd credential-free pip install -e . # Run server python -m src.server

Alternative: Requirements File

pip install -r requirements.txt python -m src.server

Add to Your IDE

Windsurf / Kiro

Edit mcp_config.json:

{ "mcpServers": { "credential-free": { "command": "/usr/bin/python3", "args": ["-m", "src.server"], "env": {} } } }

Find your Python path:

# Mac/Linux which python3 # Windows where python

Claude Desktop

Edit claude_desktop_config.json:

{ "mcpServers": { "credential-free": { "command": "/usr/bin/python3", "args": ["-m", "src.server"], "env": {} } } }

Test It

MCP Server Test

# Test the server python -c "from src.server import get_patterns; print('Server works!')"

CLI Test

# Test CLI info python -m src info # Test CLI scan python -m src scan file README.md # Test CLI with exclude patterns python -m src scan directory . --exclude-patterns '.*\.txt$'

Usage Examples

MCP Server (AI Assistant)

Ask your AI:

  • "scan this file for secrets"

  • "check my project for exposed api keys"

  • "what patterns do you detect?"

  • "find any hardcoded credentials"

  • "scan my project but exclude .txt files"

CLI (Standalone)

# Scan single file python -m src scan file config.py # Scan directory with exclusions python -m src scan directory . --exclude-patterns '.*\.txt$' '.*\.md$' # Scan text content python -m src scan content "AKIAIOSFODNN7EXAMPLE" # Show scanner info python -m src info

tools

MCP Tool

CLI Command

description

scan_file

python -m src scan file

scan a file for secrets

scan_directory

python -m src scan directory

scan a folder recursively (supports exclude_patterns)

scan_content

python -m src scan content

scan text directly

get_patterns

python -m src info

list detection patterns

what it detects

69 patterns across:

  • cloud: aws, gcp, azure, vercel, heroku

  • ai: openai, anthropic, huggingface, groq

  • payment: stripe, square

  • auth: github, gitlab, slack, discord

  • database: postgresql, mongodb, redis

example output

{ "success": true, "count": 2, "findings": [ { "type": "AWS Access Key", "value": "AKIA****MPLE", "severity": "CRITICAL", "category": "cloud" } ] }

docker

docker build -t credential-free . docker run credential-free

built for aws global vibe hackathon 2025

This server cannot be installed

-
security - not tested
A
license - permissive license
-
quality - not tested

How are these scores calculated?

Resources

New MCP Servers

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/skutry/credential-free'

If you have feedback or need assistance with the MCP directory API, please join our Discord server