TrestleScan
Scan secrets in AI code before they leak and ship.
Trestle is a local secret‑scanning platform that protects AI‑assisted development workflows from accidental credential leaks. It plugs into editors, AI assistants, CI pipelines, and command‑line tools to scan every file and every commit on a developer’s machine before code is shipped. Using language‑aware parsers and entropy analysis, Trestle detects hard‑coded API keys, certificates, tokens, URLs, and other secrets across many languages and frameworks. When a secret is found, it provides remediation steps and automated rotation playbooks for services like AWS Secrets Manager, GitHub Actions, Vercel, and more. The tool runs entirely offline as a single binary, supports VS Code, Neovim, JetBrains, and other LSP‑compatible editors, and offers live rescans, pre‑commit hooks, and deep Git history analysis to keep secrets private.
