88% (+11pp YoY)
of basic web application attacks involve stolen credentials.
Code your AI writes ends up in more places than you'd want. Scrapers pull it from public commits in almost real time, client bundles ship it to every visitor's browser, and today's commits train tomorrow's models. Trestle works alongside your AI assistant, scanning every file and every commit, so your secrets stay yours.
I'll write the client and use trestle to verify it doesn't leak any secrets.
Found a hardcoded API key. I'll move it to .env and reference it via process.env.API_KEY.
Done. The key is now in .env (already gitignored). Set API_KEY on your deployment environments too.
$4.44M
global average cost of a data breach in 2025.
94 days
median time to remediate a secret leaked to a GitHub repository.
8 min
for an AI-assisted attacker to go from a leaked credential to AWS admin access.
A local secret scanner that plugs into your editor, your AI assistant, and your CI. Every file and every commit gets checked before it leaves your machine.
Catches hundreds of real credential patterns, and can still flag unfamiliar keys by looking at entropy, variable names, and surrounding context.
MCP server for Claude Code, Cursor, Copilot, Codex, and any MCP-aware tool. Native VS Code extension. Language server for Neovim, Helix, Zed, JetBrains, and any LSP-aware editor.
Every finding ships with the steps to move the secret out of source, what to put in your .env locally, and per-platform rotation steps tailored to the deployment targets it finds in your repo.
Language parsers, not just regular expressions. Trestle can tell apart environment variables, build arguments, headers, parameters, and source code variables and constants, so the right rule applies to the right kind of value.
One static binary. trestle scan, plus trestle watch for live rescans. Auto-installed pre-commit hook stops bad commits.
Runs entirely on your machine. No network, no telemetry, no account, no signup.
Multi-threaded with an incremental cache. Honors .gitignore plus your own skip rules.
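To make the detection approach described above concrete, here is an added Python sketch (not Trestle's code; the page does not publish its rules) of the two ideas it names: a known-format regex, and an entropy heuristic that only fires when the variable name supplies credential context. The patterns, thresholds and sample lines are constructed for this demo.

```python
from collections import Counter
import math
import re

KNOWN_PATTERNS = {  # public, documented formats; a real scanner carries hundreds
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b")}
# Rule 2: a long, high-entropy literal assigned to a credential-looking name.
NAME_HINT = re.compile(r"key|secret|token|passw(?:or)?d|pwd|credential", re.I)
ASSIGNMENT = re.compile(
    r"""^\s*(?:const|let|var|export)?\s*([A-Za-z_][\w.]*)\s*[=:]\s*["']([^"']+)["']""")
PLACEHOLDER = re.compile(r"^(?:<.*>|\$\{.*\}|changeme|your[-_].*)$", re.I)
MIN_LEN, MIN_ENTROPY = 16, 3.5  # demo thresholds; tune per codebase

def shannon_entropy(s: str) -> float:
    """Bits per character of the string's character distribution (max log2(len))."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0

def scan_line(line: str):
    """Return (rule, variable_name) if the line looks like a leaked secret, else None."""
    m = ASSIGNMENT.match(line)
    for rule, pat in KNOWN_PATTERNS.items():
        if pat.search(line):  # known format: flag regardless of variable name
            return rule, (m.group(1) if m else "")
    if not m:
        return None  # no string literal, e.g. process.env.API_KEY: nothing to leak
    name, value = m.groups()
    if not NAME_HINT.search(name) or PLACEHOLDER.match(value):
        return None  # name gives no credential context, or value is a placeholder
    if len(value) >= MIN_LEN and shannon_entropy(value) >= MIN_ENTROPY:
        return "high-entropy-literal", name
    return None

def scan(source: str):
    """Scan a file's text; returns [(line_no, rule, name)] for each finding."""
    return [(i, *hit) for i, line in enumerate(source.splitlines(), 1)
            if (hit := scan_line(line))]

# Constructed sample input (no real project); AKIAIOSFODNN7EXAMPLE is the key ID
# AWS uses in its own documentation.
SAMPLE = """\
aws_id = "AKIAIOSFODNN7EXAMPLE"
const apiToken = process.env.API_TOKEN
SECRET_KEY = "x9Qe7LmP2vR4tZ8wK1nH5yJ3bF6cD0gA"
DB_PASSWORD = "<your-password-here>"
password = "aaaaaaaaaaaaaaaaaaaaaaaa"
UI_THEME_HASH = "x9Qe7LmP2vR4tZ8wK1nH5yJ3bF6cD0gA"
"""
```

scan(SAMPLE) reports the AWS key on line 1 and the high-entropy SECRET_KEY on line 3; the env lookup, the placeholder, the repeated-character password and the unrelated hash are left alone, which is the context-sensitivity the feature text is describing.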
Removing a leaked secret in a new commit does not erase it from history. Anyone with the repo can still pull it back.
Trestle will scan every commit on every branch, applying the same detection rules as your working tree, so old leaks stop hiding in plain sight.
Open source and free for personal use. Pro adds remediation guidance as well as commercial licensing and per-seat pricing that scales as you grow.
Trestle is a single static binary: no runtime to install, nothing to configure. Download a build for your platform, or compile from source.
echo 'export PATH="$HOME:$PATH"' >> ~/.zshrc && source ~/.zshrc
Once installed, set up Trestle in a project by running trestle install in that project's root directory.
Claude Code, Cursor, Copilot and other AI agents can use Trestle to scan their output before writing files. They get the same findings as on the command line.
Trestle runs automatically before each commit. If secrets are found, the commit is aborted and the findings are reported so they can be addressed.
Set trestle --lsp as the language server in Neovim, Helix, Zed, or JetBrains IDEs, or install the official Trestle extension for Visual Studio Code.