Search
halfday-env-scan
halfday
Scan .env files for leaked API keys, weak passwords, and security issues. 50+ secret patterns, weak password detection, and a letter grade for your env hygiene.
...more@sysid/sandbox-runtime-improved
sysid
Improved Anthropic Sandbox Runtime (ASRT) - A general-purpose tool for wrapping security boundaries around arbitrary processes (sysid fork with several improvements and bug fixes)
...moredworshak-secret
`dworshak-secret` is a light-weight library for local credential access. By adding `dworshak-secret` as a dependency to your Python project, you enable your program or script to leverage secure credentials.
...moresolidity-argus
apeguru
Solidity smart contract security auditing plugin for OpenCode — 4 specialized agents, 12 tools (11 core + optional Solodit), and a curated vulnerability knowledge base
...more@zkim-platform/file-format
zkimdev
Secure, post-quantum encrypted file format with three-layer encryption, ML-KEM-768/ML-DSA-65 cryptography, and privacy-preserving search capabilities
...more@imexs/audit-trail
widiramadhan
Enterprise-grade Audit Trail Plugin for Node.js with TypeScript - Performance Monitoring, System Integration Audit, Data Accountability & User Activity Tracking with Advanced Security Features
...more@nexload-sdk/jwt
mm25zamanian
A lightweight, policy-driven, and adapter-based JWT factory for creating and verifying tokens in Node.js backend services. Enforces security best practices through a decoupled, testable architecture.
...moreyash-auth-flow
yash.khalash
Production-ready multi-account authentication library (Auth Forge) for Node.js, Express, Prisma, and PostgreSQL. Secure JWT auth, OTP, and dynamic email verification flow.
...moresecret-env
shakhawat.dev
A secure alternative to dotenv — prevents sensitive '.env.secret' files from being pushed to Git and creates '.env.secret.example' automatically. Supports CommonJS and ES Module.
...moreopencode-warden
toreuyar
Security plugin for OpenCode — intercepts tool calls to detect secrets, redact sensitive data, evaluate safety risks, block access to sensitive files, and maintain an audit trail
...more@prathammahajan/rate-limiter-advanced
prathammahajan
Security-focused IP-based rate limiter for detecting and banning hackers, bots, and malicious users. Features automatic IP banning, threat detection, analytics, and multi-channel alerts.
...more@pinkpixel/keyper
sizzlebop
🔐 Modern self-hosted credential manager with zero-knowledge encryption, multi-user support, and emergency recovery. Store API keys, passwords, and secrets securely with your own Supabase database.
...moreaegis-audit
rsh1k
AI-powered smart contract security auditor — OWASP SC Top 10 (2026), MITRE ATT&CK, CWE, and NIST SSDF compliance outputs with a benchmarked detection engine
...morezenstack-graphql-builder
jase17
Automatically generate a complete GraphQL CRUD API from ZenStack schemas, including input types, filters, relation resolvers, custom directive support, security limits, and query projection parsing.
...more@snitchplugin/cli
snitchplugin
Local AI security scanner. Runs on your laptop with your own Claude Code, Codex, Gemini, or OpenRouter key. Source never leaves your machine. 68 categories, SARIF output, CI-ready.
...morevirgil-crypto
rstp
Virgil JavaScript Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.
...more@acegalaxy/ott-gateway
kanelr
Inbound message security gateway for bots — 5-layer default-deny (caller-validator, identity-resolver, rate-limit, audit, forward) for Telegram/WhatsApp/WeChat and other OTT platforms.
...more@nichtsam/helmet
GitHub Actions
Helps secure applications by setting HTTP response headers. Inspired by [`helmet`](https://github.com/helmetjs/helmet) and [`http-helmet`](https://github.com/mcansh/http-helmet).
...more@bytehide/secrets
jespanag
The official ByteHide Secrets Manager SDK for Node.js/TypeScript, enabling secure retrieval and management of environment-based secrets, rotation, and auditing. Eliminate hardcoded credentials and keep your secrets out of code.
...moreevm-kms-signer
GitHub Actions
AWS/GCP KMS-based Ethereum signer for viem with enterprise-grade security. Sign transactions and messages using keys stored in AWS or GCP KMS without exposing private keys.
...more