{"id":48276615,"url":"https://github.com/sibyllai/lethe","last_synced_at":"2026-04-04T22:35:56.551Z","repository":{"id":343441195,"uuid":"1177723282","full_name":"sibyllai/lethe","owner":"sibyllai","description":"Pre-AI repo sanitization. Redact secrets before your code meets the LLM.","archived":false,"fork":false,"pushed_at":"2026-03-20T11:09:03.000Z","size":161,"stargazers_count":6,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-21T03:03:33.939Z","etag":null,"topics":["ai-security","cli","devsecops","pii-detection","redaction","secret-scanning"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sibyllai.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-10T09:59:39.000Z","updated_at":"2026-03-20T11:09:04.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/sibyllai/lethe","commit_stats":null,"previous_names":["sibyllai/lethe"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/sibyllai/lethe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sibyllai%2Flethe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sibyllai%2Flethe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sibyllai%2Flethe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sibyllai%2Flethe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sibyllai","download_url":"https://codeload.github.com/sibyllai/lethe/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sibyllai%2Flethe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31416954,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T20:09:54.854Z","status":"ssl_error","status_checked_at":"2026-04-04T20:09:44.350Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-security","cli","devsecops","pii-detection","redaction","secret-scanning"],"created_at":"2026-04-04T22:35:55.905Z","updated_at":"2026-04-04T22:35:56.542Z","avatar_url":"https://github.com/sibyllai.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Lethe (λήθη)\n\n**Pre-ingestion code sanitization for AI agents.**\n\nLethe (`lethe`, pronounced \"LEE-thee\") scans source code repositories for secrets, credentials, PII, and sensitive patterns, then produces a clean copy with all sensitive content replaced by typed redaction placeholders. The AI sees the structure, the logic, the intent — but never the secrets.\n\n```\nYour repo → Lethe → Clean copy → AI agent\n```\n\nIn Greek mythology, Lethe is the river of oblivion in the underworld. Souls drink from it and forget. When your code crosses through Lethe, the secrets stay behind.\n\n## The problem\n\nAI coding agents read everything — secrets, credentials, API keys, internal URLs, PII. Most organizations either accept the risk or block AI tooling entirely.\n\nLethe provides a third option: **sanitize before the AI reads it.**\n\n```typescript\n// Before\nconst AWS_SECRET_KEY = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY';\nconst DATABASE_URL = 'postgres://admin:s3cret@prod-db.internal.corp:5432/main';\n\n// After\nconst AWS_SECRET_KEY = '[REDACTED:aws_secret_key]';\nconst DATABASE_URL = '[REDACTED:postgres_uri]';\n```\n\nCode structure, logic, imports, and comments are preserved. The AI still gets useful context; your organization keeps its secrets.\n\n## Quick start\n\n```bash\nnpm install -g @sibyllai/lethe\n```\n\n**Sanitize a repo:**\n\n```bash\nlethe scan ./my-repo --output ./my-repo-clean\n```\n\n**Dry run — see what would be redacted:**\n\n```bash\nlethe scan ./my-repo --dry-run\n```\n\n**CI gate — exit code 0 means clean:**\n\n```bash\nlethe audit ./my-repo\n```\n\n**Generate a config file:**\n\n```bash\nlethe init\nlethe init --preset strict\n```\n\n## What it detects\n\nLethe runs a layered detection pipeline. Each layer is independent and configurable.\n\n| Layer | What it does | How |\n|-------|-------------|-----|\n| **0 — Ignore** | Skip files that shouldn't be scanned | `.gitignore`, `.letheignore`, binary detection |\n| **1 — File rules** | Exclude or passthrough entire files | Glob patterns (`.env`, `*.pem`, `*.key`, `credentials.json`, etc.) |\n| **2 — Patterns** | Match known secret formats line-by-line | 53 regex patterns curated from gitleaks/detect-secrets |\n| **3 — Entropy** | Flag high-entropy strings that evade patterns | Shannon entropy with charset-specific thresholds |\n| **4 — Custom rules** | Match org-specific sensitive content | User-defined patterns in `.lethe.yaml` |\n\nThe built-in pattern catalog covers: AWS, GCP, Azure, GitHub, GitLab, Slack, Stripe, JWT, private keys, database connection strings, bearer tokens, basic auth URLs, generic API keys, and more.\n\n## Commands\n\n**Lethe never modifies your source files.** `scan` writes a separate clean copy to the output directory. `audit` is read-only — it reports findings and sets an exit code, nothing more. Your original repo is never touched.\n\n### `lethe scan`\n\n```\nlethe scan \u003cpaths...\u003e [OPTIONS]\n\n -o, --output PATH Output directory for sanitized copy (required unless --dry-run)\n -c, --config PATH Path to config file\n --dry-run Show findings without producing output\n --format [text|json] Output format (default: text)\n --no-entropy Disable entropy analysis\n --severity \u003clevel\u003e Minimum severity to redact: low|medium|high|critical\n -v, --verbose Show each file as it's processed\n -q, --quiet Suppress all output except errors\n```\n\n### `lethe audit`\n\nNon-destructive validation for CI/CD pipelines. Exit code `0` = clean, `1` = findings, `2` = error.\n\n```\nlethe audit \u003cpaths...\u003e [OPTIONS]\n\n -c, --config PATH Path to config file\n --format [text|json] Output format (default: text)\n --no-entropy Disable entropy analysis\n --severity \u003clevel\u003e Minimum severity to report\n```\n\n### `lethe init`\n\n```\nlethe init [OPTIONS]\n\n -p, --preset \u003cpreset\u003e Config preset: default|strict|minimal\n -f, --force Overwrite existing .lethe.yaml\n```\n\n## Configuration\n\n`.lethe.yaml` — looked up in the scanned directory, then `~/.config/lethe/config.yaml`, then `~/.lethe.yaml`.\n\n```yaml\nfiles:\n exclude:\n - \"**/.env\"\n - \"**/.env.*\"\n - \"**/*.pem\"\n - \"**/*.key\"\n - \"**/credentials.json\"\n passthrough:\n - \"**/node_modules/**\"\n - \"**/vendor/**\"\n - \"**/*.min.js\"\n max_size: 5242880 # 5MB\n\npatterns:\n enabled: true\n disable: []\n # - aws_secret_key # disable specific patterns\n\nentropy:\n enabled: true\n hex_threshold: 4.5\n base64_threshold: 5.0\n min_length: 12\n allowlist:\n - \"**/*test*\"\n - \"**/*fixture*\"\n\ncustom_rules:\n - name: \"internal_host\"\n pattern: '[a-zA-Z0-9-]+\\.internal\\.example\\.org'\n replacement: \"[REDACTED:internal_host]\"\n severity: \"high\"\n\n - name: \"org_email\"\n pattern: '[a-zA-Z0-9._%+-]+@example\\.org'\n replacement: \"[REDACTED:org_email]\"\n severity: \"medium\"\n```\n\n## Findings report\n\n```\nsrc/config/aws.ts\n [CRITICAL] src/config/aws.ts:12 — aws-secret-access-key\n wJa...EKEY\n Matches AWS secret access keys assigned to common variable names.\n [HIGH ] src/db/connection.ts:8 — postgres-connection-string\n pos...5432\n Matches PostgreSQL connection URIs containing embedded credentials.\n\nSummary\n────────────────────────────────────────\n Files scanned: 342\n Files excluded: 4\n Files clean: 326\n Files redacted: 12\n\n Total findings: 17\n CRITICAL: 3\n HIGH : 6\n MEDIUM : 5\n LOW : 3\n```\n\n## Design principles\n\n- **Zero network calls.** Everything runs locally. No telemetry, no external services.\n- **False negatives are worse than false positives.** This is a security tool. When in doubt, redact.\n- **Preserve code structure.** Redacted output should be syntactically valid and semantically useful to the AI.\n- **Six dependencies.** commander, chalk, js-yaml, zod, ignore, fast-glob. All pure JavaScript, no native compilation.\n\n## Part of Sibyllai\n\nLethe is part of the **Sibyllai** ecosystem of AI security and governance tools:\n\n- [**Khoregos**](https://github.com/sibyllai/khoregos) — enterprise governance layer for AI coding agent teams\n- **Lethe** — pre-ingestion repo sanitization CLI _(this project)_\n- **Stegano** — prompt injection detection API _(planned)_\n- **Adyton** — autonomous OSINT agent _(planned)_\n\n## License\n\nMIT\n\n---\n\nBuilt by [Sibyllai](https://github.com/sibyllai). Part of the Sibyllai AI tools series.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsibyllai%2Flethe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsibyllai%2Flethe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsibyllai%2Flethe/lists"}