Skip to content

Secrets detection before prompt submission #7

Description

@kobzevvv

When a developer pastes code containing API keys into the chat, those secrets go to Anthropic servers and are stored in ~/.claude/ logs. No tool currently prevents this. Proposal: scan-logs:static check that detects active keys in recent session logs and alerts before next session. Stretch goal: a PreToolUse hook that warns when secrets patterns appear in content being read by the agent. CVE-2025-55284 demonstrated DNS exfiltration of .env secrets.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions