Sensitive Canary

A security plugin that prevents unintended data leaks from Claude Code. Automatically detects and blocks secrets and PII — in prompts, file reads, and command executions — before they are sent to the Anthropic API.
No proxy server. No background process. Native Claude Code hooks only.
📖 Documentation — Installation guide, detection rules reference, and allow tag details.
Why sensitive-canary?
Claude Code is a powerful development tool, but file reads and command executions can inadvertently send secrets and personal information to the Anthropic API. API keys in .env files, tokens embedded in config files, credentials pasted into the terminal — once sent to the API, they leave your machine.
sensitive-canary intercepts them before they are sent, preventing unintended data leaks.
| Without sensitive-canary | With sensitive-canary |
|---|---|
| cat .env → full contents sent to Claude ❌ | Blocked by name before Claude reads it ✅ |
| Paste AKIAIOSFODNN7EXAMPLE in prompt ❌ | Blocked before the API call is made ✅ |
| Tool result contains user@email.com ❌ | PII detected and blocked ✅ |
| echo $API_KEY with live key ❌ | Env var value scanned and blocked ✅ |

- Two hooks — UserPromptSubmit and PreToolUse cover both directions of risk
- 31 detection rules — sourced from gitleaks and TruffleHog detector definitions
- Entropy filtering — reduces false positives on low-entropy values
- Luhn validation — credit card numbers are validated, not just pattern-matched
- Local only — all scanning runs in your terminal; nothing is sent anywhere
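
Added example, not sensitive-canary's own code: a sketch of how a pattern match can be gated by Luhn validation or an entropy threshold, as the bullets above describe. The rule set, the regexes, the 3.0-bit threshold, the masking format and the sample text are assumptions constructed for illustration; only the `aws-access-key` id and the example key appear on this page.

```typescript
// Added illustration; not sensitive-canary's source. Rules and threshold are assumed.
type Finding = { rule: string; masked: string };
type Rule = { id: string; re: RegExp; keep: (value: string) => boolean };

// Shannon entropy in bits per character; repeated or placeholder values score low.
function shannonEntropy(s: string): number {
  const counts: Record<string, number> = {};
  for (let i = 0; i < s.length; i++) counts[s.charAt(i)] = (counts[s.charAt(i)] || 0) + 1;
  let bits = 0;
  for (const ch of Object.keys(counts)) {
    const p = (counts[ch] as number) / s.length;
    bits -= p * (Math.log(p) / Math.LN2);
  }
  return bits;
}

// Luhn checksum: double every second digit from the right; the sum must end in 0.
function luhnValid(digits: string): boolean {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return digits.length >= 13 && sum % 10 === 0;
}

// Assumed masking format, chosen to match the AKIA****MPLE output shown on this page.
const mask = (v: string): string => v.length <= 8 ? "****" : v.slice(0, 4) + "****" + v.slice(-4);

const RULES: Rule[] = [
  { id: "aws-access-key", re: /\bAKIA[A-Z0-9]{16}\b/g, keep: () => true },
  { id: "credit-card", re: /\b(?:\d[ -]?){12,18}\d\b/g, keep: (v) => luhnValid(v.replace(/[ -]/g, "")) },
  { id: "generic-secret", re: /\b(?:key|token|secret)\s*[=:]\s*["']?([A-Za-z0-9+\/_-]{16,})/gi,
    keep: (v) => shannonEntropy(v) >= 3.0 },
];
function scan(text: string): Finding[] {
  const out: Finding[] = [];
  for (const rule of RULES) {
    rule.re.lastIndex = 0; // global regexes keep state between calls
    let m: RegExpExecArray | null;
    while ((m = rule.re.exec(text)) !== null) {
      const value: string = m[1] || m[0] || ""; // prefer the captured secret value
      if (rule.keep(value)) out.push({ rule: rule.id, masked: mask(value) });
    }
  }
  return out;
}
// Constructed sample: the key is the page's example; card numbers and tokens are made up.
const SAMPLE = "My AWS key is AKIAIOSFODNN7EXAMPLE\ncard 4111 1111 1111 1111 or 4111 1111 1111 1112\n" +
  "token=aaaaaaaaaaaaaaaaaaaa\ntoken=q9Xv2LmT7pRz4KdW8sYb";
console.log(scan(SAMPLE));
```
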
Quick Start
Requirements
- Node.js 22.6.0 or later (required for --experimental-strip-types)
- Claude Code 1.0.33 or later
Plugin install (recommended)
Install in two commands from inside a Claude Code session:
1. Register the marketplace
/plugin marketplace add coo-quack/claude-code-marketplace
2. Install the plugin
/plugin install sensitive-canary@coo-quack
Done. The hooks are enabled automatically.
Keeping up to date: Third-party marketplaces have auto-update disabled by default. To receive automatic updates, run /plugin → Marketplaces tab → select the marketplace → Enable auto-update. You can also update manually from the same tab. See Discover and install plugins for details.
npm install
Install locally via npm and configure hooks manually:
npm install -g @coo-quack/sensitive-canary
Update to the latest version:
npm update -g @coo-quack/sensitive-canary
Then add to ~/.claude/settings.json:
{
  "hooks": {
    "UserPromptSubmit": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "npx tsx $(npm root -g)/@coo-quack/sensitive-canary/src/user-prompt-submit-hook.ts"
          }
        ]
      }
    ],
    "PreToolUse": [
      {
        "matcher": "Read|Bash",
        "hooks": [
          {
            "type": "command",
            "command": "npx tsx $(npm root -g)/@coo-quack/sensitive-canary/src/pre-tool-use-hook.ts"
          }
        ]
      }
    ]
  }
}
Note: Node.js does not support --experimental-strip-types for files inside node_modules, so npx tsx is used instead.
Manual setup (git clone)
Clone the repository and configure hooks manually:
git clone https://github.com/coo-quack/sensitive-canary.git ~/sensitive-canary
Update to the latest version:
cd ~/sensitive-canary && git pull
Then add to ~/.claude/settings.json:
{
  "hooks": {
    "UserPromptSubmit": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "node --experimental-strip-types ~/sensitive-canary/src/user-prompt-submit-hook.ts"
          }
        ]
      }
    ],
    "PreToolUse": [
      {
        "matcher": "Read|Bash",
        "hooks": [
          {
            "type": "command",
            "command": "node --experimental-strip-types ~/sensitive-canary/src/pre-tool-use-hook.ts"
          }
        ]
      }
    ]
  }
}
What Happens
Prompt blocked
Prompts containing secrets or PII are blocked before being sent.
> My AWS key is AKIAIOSFODNN7EXAMPLE. Can you review this code?
🐤 sensitive-canary: sensitive data detected — blocked
[Secret] AWS Access Key ID (aws-access-key): AKIA****MPLE