Sensitive Canary

🔑

Secret Detection

Catches AWS keys, GitHub PATs, Stripe keys, JWTs, Anthropic/OpenAI API keys, database connection strings, and 15+ more credential types.

🕵️

PII Detection

Detects email addresses, credit card numbers, US SSNs, phone numbers, Japanese postal codes, and private IPv4 addresses.

🛡️

Pre-Tool-Use Hook

Scans files before Claude reads them. Blocks .env files by name and any file whose contents contain secrets or PII.

📨

Prompt Submit Hook

Scans every prompt before it is sent to the Anthropic API. Secrets or PII in your message are caught before they leave your machine.

🏷️

Allow Tags

Need to share a key intentionally? Add [allow-secret], [allow-pii], or [allow-all] to your prompt to bypass specific checks.

🐦

Zero Config

Install once as a Claude Code plugin. No API keys, no servers, no configuration files needed.

Why Sensitive Canary?

Claude Code is a powerful development tool, but file reads and command executions can inadvertently send secrets and personal information to the Anthropic API. API keys in .env files, tokens embedded in config files, credentials pasted into the terminal — once sent to the API, they leave your machine.

Sensitive Canary intercepts them before they are sent, preventing unintended data leaks.

Without Sensitive Canary	With Sensitive Canary
`cat .env` → full contents sent to Claude ❌	Blocked by name before Claude reads it ✅
Paste `AKIAIOSFODNN7EXAMPLE` in prompt ❌	Blocked before the API call is made ✅
Tool result contains user@email.com ❌	PII detected and blocked ✅
`echo $API_KEY` with live key ❌	Env var value scanned and blocked ✅

Without Sensitive Canary

With Sensitive Canary

cat .env → full contents sent to Claude ❌

Blocked by name before Claude reads it ✅

Paste AKIAIOSFODNN7EXAMPLE in prompt ❌

Blocked before the API call is made ✅

Tool result contains user@email.com ❌

PII detected and blocked ✅

echo $API_KEY with live key ❌

Env var value scanned and blocked ✅

Two hooks — UserPromptSubmit and PreToolUse cover both directions of risk

31 detection rules — sourced from gitleaks and TruffleHog detector definitions

Entropy filtering — reduces false positives on low-entropy values

Luhn validation — credit card numbers are validated, not just pattern-matched

Local only — all scanning runs in your terminal; nothing is sent anywhere

Detection Rules

Category	Examples
Cloud credentials	AWS Access Key, GCP service account key
Source control	GitHub PAT, GitHub fine-grained token, GitLab PAT
AI services	Anthropic API key, OpenAI API key / project key
Communication	Slack token, Slack webhook, Discord webhook, Telegram bot token
Payment	Stripe secret/restricted key, credit card numbers (Luhn-validated)
Email services	SendGrid API key, Mailgun key, Mailchimp key
Auth tokens	JWT, database connection strings
PII	Email address, US SSN, US/JP phone, Japanese postal code, private IPv4

Sensitive CanarySecrets and PII guard for Claude Code