Vaultless

Scan GitHub repos. Remove exposed secrets automatically.

Vaultless connects to your repository, detects leaked environment variables and tokens, and commits clean files back in minutes.

$ npm install -g vaultless
$ vaultless scan owner/repo

Scanning tracked files...

Found 4 exposed values in 2 files.

Replaced sensitive values with placeholders.

Committed changes to `security/vaultless-cleanup`.

Two ways to use Vaultless

Use it anywhere — in the browser or from your terminal.

Web App

Connect your GitHub account, scan any repo, and open a PR with fixes — all from your browser.

CLI

Run Vaultless directly in any project folder. No browser needed.

How it works

01 Connect

02 Scan

03 Clean

Features built for engineering teams

GitHub OAuth login, no account setup

Scans .env files, source, and configs

Finds secrets in YAML, JSON, and TOML

Detailed, file-level detection reports

Auto-commits cleaned files to your repo

Stateless architecture with no data storage

What Vaultless detects

repo/.env.local
GITHUB_TOKEN=[REDACTED]
DATABASE_URL=[REDACTED]
STRIPE_SECRET_KEY=[REDACTED]
JWT_PRIVATE_KEY=[REDACTED]

# vaultless report
# 4 secrets replaced and committed