# trufflehog

Canonical URL: https://doramagic.ai/en/projects/trufflehog/

Source repository: https://github.com/trufflesecurity/trufflehog

## What it is

Find, verify, and analyze leaked credentials

## Capability boundary

prompt, recipe, host_instruction, eval, preflight

## First safe verification

Verify the smallest path in an isolated environment and keep a rollback path.

## Main risk

May increase setup, validation, or first-run risk for the user.

## Evidence base

https://github.com/trufflesecurity/trufflehog, https://github.com/trufflesecurity/trufflehog#readme, Human Manual, Pitfall Log