The secure path is now the fastest path.
Secure, local-first API key management & leak prevention. Scan your codebase, encrypt secrets into an offline vault, and replace leaks with safe code references in one command.
Audit your codebase instantly. SecAPI scans directory trees (filtering out dependencies like node_modules and honoring .secapiignore profiles) using lightning-fast regex rules or line-aware AI to discover raw Stripe, AWS, OpenAI, Slack, Google, and generic credentials.
SecAPI derives strong keys using PBKDF2-HMAC (100,000 iterations of SHA-256). It generates a 24-character Mnemonic Recovery Key during vault setup—permitting password resets without risk of data loss. Encryption and decryption are strictly local; no keys ever touch a server.
Say goodbye to breaking imports or configuration mappings. The smart fixer parses variable assignments and swaps out only the string literal (RHS) for load_key("key"), preserving the LHS variable name, indentation, and comments.
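The literal-only rewrite described above, sketched as an added example (not SecAPI's own code). The `SECRET_RE` rule, the function names, and the sample key are constructed for illustration, and adding an import for `load_key` is left out.

```python
import io
import re
import tokenize

# Constructed rule for this demo: a Stripe-style key shape. A real scanner carries many rules.
SECRET_RE = re.compile(r"sk_(?:live|test)_[0-9A-Za-z]{16,}")


def fix_line(line, key_name):
    """Replace a secret string literal assigned via `name = "..."` with load_key(key_name).

    Only the literal's own character span is rewritten, so the variable name,
    indentation, other arguments and any trailing comment are left untouched.
    """
    try:
        toks = list(tokenize.generate_tokens(io.StringIO(line).readline))
    except (tokenize.TokenError, SyntaxError):
        return line  # not a self-contained statement (e.g. open bracket): leave as is
    for name, op, lit in zip(toks, toks[1:], toks[2:]):
        if (name.type == tokenize.NAME
                and op.type == tokenize.OP and op.string == "="
                and lit.type == tokenize.STRING
                and SECRET_RE.search(lit.string)):
            start, end = lit.start[1], lit.end[1]  # column span of the literal
            return line[:start] + f'load_key("{key_name}")' + line[end:]
    return line  # secrets that appear only in comments are not rewritten here


def fix_source(source, key_name):
    """Apply fix_line to every line; return (new_source, number_of_lines_changed)."""
    lines = source.splitlines(keepends=True)
    fixed = [fix_line(l, key_name) for l in lines]
    changed = sum(a != b for a, b in zip(lines, fixed))
    return "".join(fixed), changed


if __name__ == "__main__":
    sample = (  # constructed input
        "def charge():\n"
        '    STRIPE_KEY = "sk_test_EXAMPLEEXAMPLE0000"  # billing "prod" key\n'
        "    return STRIPE_KEY\n"
    )
    new_source, count = fix_source(sample, "stripe_key")
    print(new_source, f"{count} line(s) rewritten", sep="")
```

Working on tokens rather than a plain regex substitution is what keeps quotes or `#` characters inside comments from being mistaken for part of the assignment.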
Visualize key usage across environments. Running secapi list renders a responsive ANSI dashboard showcasing key names, ages (in days), creation timestamps, and warning tags (🟢 Active, 🟡 Rotate Soon, 🔴 Expired).
Block leaks before they reach GitHub. Running secapi init-hook sets up an executable git hook that intercepts commits, scans staged modifications in a non-interactive mode, and halts code pushes if plaintext secrets are found.