Free Tools Pricing
Log in →
Free tools. No account needed.

Find what's exposed before someone else does

Scan your MCP configs, check your .env exposure, audit AI tool permissions. Four free CLI tools that find real problems on your machine. No account required.

Free tools. No signup needed.

See what your AI can see on your machine

These free tools tell you what your AI can see on your machine. Run them before you build anything. No signup needed.

Free audit tools. CLI-native.

Audit your AI tool boundaries before shipping

Free audit tools for MCP configs, context window exposure, and tool permission boundaries. CLI-native, no account required.

devsafe scan Free
Find repos sitting in cloud sync folders that are actively corrupting your .git directories.
$ devsafe scan ~/Projects
 
my-saas-app  ~/Library/Mobile Documents/.../my-saas-app
client-site  ~/Library/Mobile Documents/.../client-site
portfolio    ~/Dropbox/Dev/portfolio
devsafe      ~/Projects/devsafe (safe)
 
3 repos at risk · 10 repos unprotected · 1 safe
Learn more →
devsafe diagnose Free
Scan 6 AI coding tools across 4 leak paths. Find every secret your AI can read.
$ devsafe diagnose
 
Claude Code   PATH 1: .env readable by AI agent
             PATH 2: Error messages can leak DB connection string
             PATH 3: No secrets in grep-accessible paths
Cursor       PATH 1: .env readable, no deny mechanism
 
RESULT: 11 exposures across 3 tools · 3 tips
Learn more →
devsafe health Free
One health score per repo. Cloud sync risk, git integrity, backup freshness, AI exposure.
$ devsafe health
 
my-saas-app    28/100  cloud sync, no backup, .env exposed
client-site    55/100  cloud sync, has backup, AI safe
devsafe        92/100  safe location, encrypted backup, shielded
 
Average: 42/100 · 3 critical · 2 warning · 1 healthy
Learn more →
devsafe mcp-scan Free
Find API keys hardcoded in your MCP server configs. MCP has no secret management. Check yours.
$ devsafe mcp-scan
 
~/.cursor/mcp.json
   supabase-mcp  SUPABASE_SERVICE_KEY exposed in env
   slack-notify   SLACK_WEBHOOK_URL exposed in env
~/.claude/mcp.json
   filesystem    No secrets found
 
6 secrets exposed across 2 configs · 1 config clean
Learn more →
How it works

Three steps. Zero risk.

01

Install

One command. No account. No credit card.

02

Scan

Free tools find real problems. Specific numbers. Your data.

03

Fix

One command to fix what the scan found. From $19/mo.

Ready to see what's exposed?

One install. Four scans. Everything runs locally on your machine. No account, no data sent anywhere.