Features Pricing How It Works About FAQ Blog Contact Get StreamBlur Free
MCP Server · npm Package

StreamBlur for Agents
and Developers

Redact API keys, tokens, and secrets from any text or file. Locally. All detection runs locally.

Try It Live Install Free

9 tools · 77+ patterns · Claude Code, Claude Desktop, Cursor, Windsurf, Zed, VS Code · Node.js 18+

Try It Live

Paste any text below and see StreamBlur detect and redact secrets instantly. Runs 100% in your browser - nothing is sent anywhere.

Input

This demo uses the same 77+ detection patterns as the real MCP server. All processing happens locally in your browser.

Install

STEP 1 - Auto-setup (recommended)

npx @streamblur/mcp --setup

Detects Claude Code CLI, Claude Desktop, Cursor, Windsurf, Zed, and VS Code and configures them automatically.

STEP 2 - Restart your AI tool. Done.

Manual install

npm install @streamblur/mcp

Requires Node.js 18+. View on npm.

Available Tools

Defense in Depth

Your .env files and .gitignore are your outer wall. StreamBlur MCP is the internal security guard - the one who pulls a curtain over your secrets the moment an AI assistant opens the wrong file. All detection runs locally. Nothing leaves your machine.

redact_text Replaces detected secrets in any string with [REDACTED:type]. Works on clipboard content, log output, anything. Free.
scan_text Returns detected secret types and character positions without modifying anything. Use before sharing or pasting. Free.
redact_file Pro Reads a file and returns redacted content. Does not modify the original. Supports .env, config files, source code, and more.
scan_directory Pro Recursively scans an entire directory for exposed secrets. Returns file paths, line numbers, and secret types. Skips node_modules, .git, dist.
scan_repo Pro Clones a GitHub repo to a temp directory, scans all source files for leaked secrets, reports findings with file paths and line numbers, then deletes the clone. Zero persistence.
audit_env_file Pro Full security report on any .env file: detected real keys, formatting issues, placeholder values, and what to rotate. File is never modified.
check_gitignore Pro Audits your project .gitignore to verify .env files, key files, and secret directories are properly excluded. Returns a gap report with critical missing patterns.
explain_detection Pro When a secret is found, explains what it is, the blast radius if leaked, and exactly where to go to revoke and rotate it immediately. Plain English, actionable steps.
generate_env_template Pro Generates a safe .env.example for your project type (Next.js, Rails, Django, Express, Nuxt, SvelteKit) with placeholder values and security comments. Add services like Stripe, OpenAI, Supabase, AWS.

Covers 77+ credential patterns: OpenAI, Anthropic, Groq, Hugging Face, Replicate, GitHub, AWS, Stripe, Supabase, Notion, Linear, ElevenLabs, Resend, database URLs, JWT tokens, private keys, and more.

Unlock 7 Pro Tools - $2.99 one-time

Same license as the Chrome extension. Buy once, use both.

Upgrade to Pro →

Quick Setup

Terminal · works in any project, globally 
claude mcp add --transport stdio --scope user streamblur -- npx -y @streamblur/mcp

One command adds StreamBlur to Claude Code globally across all your projects. No config file needed. Restart Claude Code to activate.

Why developers use it

Fully local

All secret detection runs locally. Your credentials never leave your machine. Pro license verified once via email at activation.

Zero install friction

npx means no global install. Add to config, restart your tool, done in under a minute.

Agent-safe context Coming Soon

Use StreamBlur to scan files before passing context to any model. Automated pipeline and agent workflow integration coming soon.

77+ patterns

OpenAI, Anthropic, AWS, GitHub, Stripe, Slack, JWT, database URLs, private keys.

One-time · No subscription

Full codebase scanning, unlocked

scan_directory for complete coverage. Same $2.99 Pro license as the Chrome extension.

Get Pro · $2.99 →