Security for founder inboxes

Inbox Secrets Detectorscan your email for leaked API keys + credentials

The fastest way to catch secrets accidentally shared in email threads, screenshots, and copied logs. Connect Gmail, scan in minutes, and ship a security report your team can act on.

Why founders pay for this

Most credential leaks are accidental and happen in internal email loops.

Find leaked keys before contractors, vendors, or inbox breaches do.

Run scans before fundraising diligence, SOC2 prep, and incident response.

Get immediate redaction output to fix threads without slowing work.

The Problem Nobody Scans

Founders forward staging configs or API debug logs to contractors.

Thread screenshots and copied snippets leak secrets into inbox history forever.

No existing scanner crawls both message body and attachments in one security pass.

How Inbox Secrets Detector Works

Deep Gmail Sweep

Read-only OAuth access scans message body, thread snippets, and supported attachment text for leaks.

50+ Secret Signatures

Detect AWS, Stripe, OpenAI, GitHub, database URIs, private keys, OAuth tokens, and common password patterns.

Immediate Redaction

Generate cleaned text instantly for forwarding, incident updates, or support responses without exposing credentials.

One plan, one goal

Protect the inbox where operations, product logs, and vendor access requests all collide. No seat pricing, no feature tiers, just one fixed cost per mailbox.

Full scan engine with attachment analysis
Security score and top risk categories
Redaction utility for response workflows

Security plan

$19/month per mailbox

Unlimited scans, full attachment analysis, and instant redaction output. Annual billing saves $38.

50+ leak signatures

AWS, Stripe, OpenAI, database URIs, OAuth tokens, SSH keys, and more.

Lemon Squeezy checkout

PCI-compliant overlay checkout with webhook-based entitlement verification.

Mailbox to protect

FAQ

Does this send my email data to a third party?

No. Scans run in your app environment with Gmail read-only access. The app stores only scan summaries and masked findings.

Which attachments are scanned?

Text-based attachments are parsed directly. Binary files are analyzed for printable credential-like strings to catch embedded plaintext leaks.

Can I use this for multiple inboxes?

Yes. Billing is per mailbox at $19/month. Connect each Gmail inbox separately and run scans independently.

How does payment unlock scanning?

Checkout is handled with Lemon Squeezy overlay. After successful purchase and webhook confirmation, a secure cookie unlocks the scanner for that mailbox.