A hook that redacts secrets from tool output before your AI coding assistant reads it. API keys, database URLs, and tokens are scrubbed on your machine, never in the context window.
$ curl -sSL https://raw.githubusercontent.com/svn-arv/redacted/main/install.sh | sh
When an AI tool runs a command or reads a file, the full output lands in context. One cat .env, one stack trace, one debug dump, and your live credentials are on the wire. redacted gets there first: a PostToolUse hook scans the output, replaces matches inline, and hands the assistant the clean copy, never the original. You cannot un-send a token. This makes sure you never have to.
redacted init registers the hook. Every tool output (Bash, Read, Grep, WebFetch) runs through it.
Vendor signatures, credential-named keys, and an entropy scorer. Matches replaced inline, last 4 chars kept as a hint.
Nothing found? The output passes through untouched. Non-secret text is never modified.
AWS, GitHub, Stripe, OpenAI, Anthropic, Slack, Twilio and more. Near-zero false positives.
Any env var named SECRET, TOKEN, PASSWORD, API_KEY… gets its value redacted.
Unknown 16–128 char values, mixed case and digits, high Shannon entropy. Catches what no signature names.
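The credential-named-key and entropy layers described above, as an added Python example; this is not redacted's own code. The 3.5-bit threshold, the `[REDACTED ...xxxx]` replacement format, the token character class and the rule that drops the hint for short values are assumptions, and vendor signatures are left out.

```python
import math
import re
from collections import Counter

# Assumed values: the page does not publish the tool's threshold or patterns.
ENTROPY_THRESHOLD = 3.5  # bits per character
CRED_NAME = re.compile(r"SECRET|TOKEN|PASSWORD|API_KEY", re.I)
ASSIGNMENT = re.compile(r"""^(\s*(?:export\s+)?(\w+)\s*=\s*["']?)([^\s"']+)(.*)$""")
CANDIDATE = re.compile(r"[A-Za-z0-9_\-]{16,128}")

def shannon_entropy(s):
    """Shannon entropy of the string in bits per character."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def looks_random(value):
    """Entropy layer: 16-128 chars, mixed case and digits, high entropy."""
    return (16 <= len(value) <= 128
            and any(c.islower() for c in value)
            and any(c.isupper() for c in value)
            and any(c.isdigit() for c in value)
            and shannon_entropy(value) >= ENTROPY_THRESHOLD)

def mask(value):
    # Keep the last 4 chars as a hint; for short values (assumed cutoff: 8)
    # the hint would reveal most of the secret, so it is dropped.
    hint = " ..." + value[-4:] if len(value) > 8 else ""
    return "[REDACTED" + hint + "]"

def redact_line(line):
    m = ASSIGNMENT.match(line)
    if m and CRED_NAME.search(m.group(2)):       # credential-named key
        return m.group(1) + mask(m.group(3)) + m.group(4)
    return CANDIDATE.sub(                         # unknown high-entropy token
        lambda t: mask(t.group()) if looks_random(t.group()) else t.group(),
        line)

def redact(text):
    return "\n".join(redact_line(l) for l in text.split("\n"))

# Constructed sample tool output; none of these values are real credentials.
SAMPLE = """DB_PASSWORD=correct-horse-battery
LOG_LEVEL=debug
session started id=q7Rk2ZpLm9XvB4tYc8NwE1sD
build 4f2a ok"""

if __name__ == "__main__":
    print(redact(SAMPLE))
```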
"My production key is absolutely not in the context window."
...8STU says which key fired without exposing it.

# curl (recommended)
$ curl -sSL https://raw.githubusercontent.com/svn-arv/redacted/main/install.sh | sh
$ redacted init

# or Homebrew
$ brew tap svn-arv/tap && brew install redacted
$ redacted init
Stop trusting yourself to remember.
Wire it once. Every future cat .env is already handled.