What is the .env Sanitizer?
Environment variable files (.env) store critical infrastructure keys like database passwords and API tokens. The .env Sanitizer is a tool that automatically identifies and masks these secrets, allowing you to safely share configuration templates or debug logs.
How it works locally
This tool uses RegEx-based pattern matching that runs entirely within your browser. It doesn't just replace strings; it intelligently parses key-value pairs and recognizes specific formats for providers like AWS, Stripe, and GitHub.
The Danger of "Beautifiers"
Many "env formatters" on the web are simple proxies that send your secrets to their servers for processing. In 2026, Credential Stuffing and Secret Scraping are at an all-time high. Never upload production secrets to any server-side tool.
FAQ
Which secrets do you detect?
We currently detect Stripe keys, AWS credentials, GitHub tokens, PostgreSQL URLs, and generic keys ending in _PASSWORD, _SECRET, or _KEY.
Is the redaction reversible?
No. The masking is permanent in the output. This ensures that even if the sanitized text is intercepted, your original secrets cannot be recovered.