Hardcoded API key or credential

AI security governance · MCP security

Severity

critical

What it is

Detects known API key and credential patterns (AWS, GitHub, OpenAI, Stripe, etc.) hardcoded in configuration.

How Igris detects it

Igris's Credential Scanner flags this during MCP security scans of your configuration.

References

Related MCP security rules

Secure your AI estate with Igris