Privacy Scanner
NEWPaste any JSON, code, config, or text to instantly detect exposed API keys, passwords, tokens, emails, and other secrets. 100% client-side — your data never leaves your browser.
Frequently Asked Questions
What secrets can it detect?
AWS keys, OpenAI/Anthropic API keys, Google API keys, GitHub tokens, Stripe keys, Slack tokens, JWT tokens, SSH private keys, database connection strings, generic passwords/secrets, email addresses, phone numbers, IP addresses, and URLs with embedded credentials.
Is my data safe when using this scanner?
Absolutely. The Privacy Scanner runs 100% in your browser. Your data never leaves your device. Zero network requests are made with your content. Verify in DevTools.
What should I do if secrets are found?
Immediately rotate any exposed credentials: revoke the old key and generate a new one. Check your git history for committed secrets. If you previously pasted this data into online formatters, assume the credentials are compromised.