* [TruffleHog v3.95.4](https://github.com/trufflesecurity/trufflehog) – Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.
* [Chainloop v1.99.0](https://github.com/chainloop-dev/chainloop) – Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.
* [Skylos v4.22.0](https://github.com/duriantaco/skylos) – Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.
* [Package Manager Guard (PMG) v0.17.0](https://github.com/safedep/pmg) – Tool that blocks malicious packages during installation by wrapping existing package managers.
* [Bagel v0.7.0](https://github.com/boostsecurityio/bagel) – Cross-platform CLI that scans developer workstations for risky tool configurations and secret metadata, producing structured JSON reports without exposing secret values.
* [Betterleaks v1.3.0](https://github.com/betterleaks/betterleaks) – Detects passwords, API keys, and tokens in git repos, files, or stdin using configurable, high-performance scanning.
* [vet v1.17.3](https://github.com/safedep/vet) – Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.
* [Aguara v0.22.0](https://github.com/garagon/aguara) – Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.
* [poutine v1.1.6](https://github.com/boostsecurityio/poutine) – Security scanner for detecting misconfigurations and vulnerabilities in repository build pipelines by parsing CI/CD workflows.
* [JavaSecLab V1.5](https://github.com/whgojp/JavaSecLab) – Comprehensive hands-on platform for learning, testing, and auditing Java application security using vulnerable examples, fixes, scenarios, and traffic analysis.
* [PII-Shield v2.0.5](https://github.com/pii-shield/pii-shield) – Zero-code Kubernetes sidecar that redacts PII from logs pre-egress using entropy analysis and deterministic hashing.
* [sbomasm v2.0.6](https://github.com/interlynk-io/sbomasm) – Comprehensive SBOM lifecycle toolkit for assembling, editing, enriching, removing sensitive data, signing, and viewing SBOMs.
* [MEDUSA v2026.5.11](https://github.com/Pantheon-Security/medusa) – AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.