GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub

New York, NY, March 17th, 2026, CyberNewswire

In 2025, Developer Commits Using Claude Code Show 3.2% Secret Leak Rate vs. 1.5% Baseline. The Human Factor Remains Critical

GitGuardian, the security leader behind GitHub’s most installed application, today released the 5th edition of its “State of Secrets Sprawl” report, documenting how mainstream AI adoption in 2025 reshaped software delivery and accelerated the exposure of non-human identities (NHIs) and their secrets across public and internal systems.

While the software ecosystem is growing quickly, leaked secrets are growing faster, and remediation is not keeping up.

The year software changed forever

In 2025, AI adoption permanently changed software engineering:

• +43% YoY increase in public commits, growing at least 2× faster than before
• Since 2021, secrets have been growing roughly 1.6× faster than the active developer population
• Secret leak rates in AI-assisted code were, on average across the year, roughly double the GitHub-wide baseline. 

 Together, these forces drove a +34% YoY increase in newly leaked secrets on GitHub, reaching ~29 million secrets detected overall, marking the largest single-year jump ever recorded.

Nine takeaways for CISOs securing Non‑Human Identities (NHI)

Exposed credentials remain a major, repeatable path to compromise. In 2025, AI assistance increased the speed of software creation and multiplied the number of tokens, keys, and service identities embedded across modern stacks, without equivalent improvements in governance.

AI assistants are amplifying risk in new categories of credentials

1. Claude Code-assisted commits leaked secrets at ~3.2%, 2× the baseline. AI-assisted coding has democratized software development, enabling developers without formal training to build applications quickly. However, this accessibility comes with a security gap: less experienced developers may lack security awareness and can ignore AI warnings or explicitly prompt tools to include sensitive information. These leaked secrets may ultimately reflect human mistakes, not just AI failures.

2. AI service credentials leaks are accelerating fastest: leaks tied to AI services increased +81% YoY (to 1,275,105), and are more likely to slip through protections built primarily for conventional developer workflows.

3. MCP configuration risk is emerging: MCP server documentation often recommends placing credentials directly in configuration files rather than using safer client authentication patterns. This contributed to 24,008 unique secrets exposed in the studied MCP configuration files.

AI expands the attack surface overnight

4. Internal repositories remain the biggest exposure reservoir. They are ~6× more likely than public ones to contain hardcoded secrets.

5. Secrets sprawl extends beyond code: ~28% of incidents originate from leaks in collaboration and productivity tools (not just repositories), where credentials can be exposed to broader audiences, automations, and AI agents.

6. Developer machines are becoming part of the credential perimeter. As AI agents gain deeper local access (editors, terminals, files, credentials stores), prompt injection and supply-chain style attacks (Shai-Hulud, for example) can turn local secrets into organizational risk.

“AI agents need local credentials to connect across systems, turning developer laptops into a massive attack surface. We built our local scanning and identities inventory tool to protect them. Security teams need to map out exactly which machines hold which secrets, surfacing critical weaknesses like overprivileged access and exposed production keys.” says Eric Fourrier, GitGuardian’s CEO

The industry is facing a growing debt, and needs NHI governance, not just detection

7. Long-lived secrets still dominate: ~60% of policy violations are credentials that persist over time, highlighting the slow transition toward ephemeral, least-privilege access.

8. Prioritization is harder than it looks: ~46% of critical secrets have no vendor-provided validation mechanism, requiring contextual signals (location, usage, downstream consumers, and secrets managers) to assess real-world exploitability.

9. Remediation is failing at scale: 64% of valid secrets from 2022 are still not revoked in 2026, most often because security teams lack the governance needed to achieve a viable, repeatable remediation path for any leaked secret.

GitGuardian believes the next phase of security programs must treat non-human identities as first-class assets: with dedicated governance, context, and remediation automation across code and non-code surfaces.

The full report is available here

About GitGuardian

GitGuardian is an end-to-end NHI Security platform that empowers software-driven organizations to secure their Non-Human Identities (NHIs) and comply with industry standards. With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and NHI Governance. This dual approach enables the detection of compromised secrets across your dev environments while also managing non-human identities and their secrets’ lifecycles. The platform is the world’s most installed GitHub application and supports over 550+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense. Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF, and Bouygues Telecom for robust secrets protection.

For more information, users can visit www.gitguardian.com

Contact

PR Partner
Holly Hagerman
Connect Marketing
hollyh@connectmarketing.com