This product was not featured by Product Hunt yet. It will not be visible on their landing page and won't be ranked (cannot win product of the day regardless of upvotes).
Product upvotes vs the next 3
Waiting for data. Loading
Product comments vs the next 3
Waiting for data. Loading
Product upvote speed vs the next 3
Waiting for data. Loading
Product upvotes and comments
Waiting for data. Loading
Product vs the next 3
Loading
LocalForge
The last line of defence before your code hits git history
You're working fast or vibe-coding, the LLM is shipping faster than you can review, and three days later you're rotating AWS keys at 2am. LocalForge intercepts every git commit before it finalises. 3 layers: Rust regex blocks secrets in <1ms, CoreML on the Neural Engine catches unsafe patterns statistically, and a local Qwen LLM reviews your diff like a human and it's all fully offline on Apple Silicon. Nothing leaves your Mac.
I built this because I kept seeing the same thing in AI-assisted codebases. It's not malice but ultimately it's just speed. When you're vibe coding or working fast because of a deadline, and the LLM is generating 200 lines at a time, secrets and unsafe patterns slip through the review loop since it can't keep up with the generation loop.
The thing I wanted most was something that ran before git, not after. By the time a secret is in your history, the damage is done even if you rotate immediately since the commit hash is permanent and the exposure window already existed.
Three things I'd love feedback on:
1. The Layer 2 training set is 297 samples across 11 languages so it's still small. If anyone has labeled risky/clean code snippets they'd share, I'd love to grow it. 2.The VS Code extension is next and it'll reuse the same pipeline so you get inline squiggles without running a commit. 3. Apple Silicon only right now. A Linux port would need different runtimes for both CoreML and MLX so I'm, interested in whether there's appetite for it.
Repo is MIT and fully open. Would love issues, PRs, or just to hear what secret patterns you've seen slip through that I'm not covering yet.
About LocalForge on Product Hunt
“The last line of defence before your code hits git history”
LocalForge was submitted on Product Hunt and earned 13 upvotes and 5 comments, placing #15 on the daily leaderboard. You're working fast or vibe-coding, the LLM is shipping faster than you can review, and three days later you're rotating AWS keys at 2am. LocalForge intercepts every git commit before it finalises. 3 layers: Rust regex blocks secrets in <1ms, CoreML on the Neural Engine catches unsafe patterns statistically, and a local Qwen LLM reviews your diff like a human and it's all fully offline on Apple Silicon. Nothing leaves your Mac.
On the analytics side, LocalForge competes within Developer Tools, GitHub, Tech and Security — topics that collectively have 1.2M followers on Product Hunt. The dashboard above tracks how LocalForge performed against the three products that launched closest to it on the same day.
Who hunted LocalForge?
LocalForge was hunted by Stalingrad Dollosa. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.
For a complete overview of LocalForge including community comment highlights and product details, visit the product overview.
Hey PH 👋
I built this because I kept seeing the same thing in AI-assisted codebases. It's not malice but ultimately it's just speed. When you're vibe coding or working fast because of a deadline, and the LLM is generating 200 lines at a time, secrets and unsafe patterns slip through the review loop since it can't keep up with the generation loop.
The thing I wanted most was something that ran before git, not after. By the time a secret is in your history, the damage is done even if you rotate immediately since the commit hash is permanent and the exposure window already existed.
Three things I'd love feedback on:
1. The Layer 2 training set is 297 samples across 11 languages so it's still small. If anyone has labeled risky/clean code snippets they'd share, I'd love to grow it.
2.The VS Code extension is next and it'll reuse the same pipeline so you get inline squiggles without running a commit.
3. Apple Silicon only right now. A Linux port would need different runtimes for both CoreML and MLX so I'm, interested in whether there's appetite for it.
Repo is MIT and fully open. Would love issues, PRs, or just to hear what secret patterns you've seen slip through that I'm not covering yet.