Skip to main content


Beta program

Please note that Has My Secret Leaked features are currently in beta.

Has My Secret Leaked is a new product developed by GitGuardian to discover potential public leaks of your secrets. Has My Secret Leaked currently monitors Github public repositories (Commits, Gists and Issues).

If you want to deep dive into the protocol, read our blog post.


ggshield hmsl proposes two methods to check your secrets:

Check your configuration

Before anything else, you can make sure you are able to reach the service (and see if you are authenticated) by running ggshield hmsl api-status. You can also use ggshield hmsl quota to see how many credits you have left.

Learn more about ggshield hmsl configuration

What happens under the hood

ggshield use 3 steps to check your secrets. By running each of these steps separately you'll learn how Has My Secret Leaked is able to check your secrets without any knowledge of them.

  1. ggshield fingerprints your secrets
  2. ggshield queries HMSL service using prefixes or full hashes
  3. ggshield decrypts the returned payload

How can I help you ?