Trial
Gitleaks is a widely adopted open-source secret scanner (24.4K stars, 20M+ Docker downloads). In March 2026, the original creator launched Betterleaks at Aikido Security as its successor. Betterleaks uses BPE tokenization (inspired by LLM tokenizers) for 98.6% recall, vs 70.4% for entropy-based detection.
Why It Matters for AI-Assisted Development
Gitleaks and Betterleaks provide lightweight, free secret scanning that integrates easily into pre-commit hooks and CI/CD, which is essential when AI agents are generating code:
- Betterleaks (v1.1.0, March 2026): Drop-in replacement for Gitleaks with dramatically improved accuracy. Uses BPE tokenization to distinguish secrets from natural language.
- CEL-based Validation: Programmatic validation logic using Common Expression Language.
- Betterleaks V2 Roadmap: LLM-assisted classification with anonymized data, auto-revocation, permissions mapping, scanning beyond Git.
Strengths
- Free and open source (MIT license)
- Lightweight, fast, easy CI/CD integration
- Betterleaks brings significant accuracy improvements (98.6% recall)
- Active development with clear AI-oriented roadmap
Limitations
- No verification of secret liveness (unlike TruffleHog)
- No remediation workflows
- No non-Git source scanning (yet)
- Community split between Gitleaks and Betterleaks may cause confusion
Pricing
Both are MIT licensed, fully free and open source.