Your AI assistant can see your secrets.
AI coding tools read your project files to help you write code. That means they also read your .env files, API keys, and MCP configs. DevSafe gives you five free tools to find and fix the problem in under five minutes.
The problem
When you use an AI coding assistant (Claude Code, Cursor, Copilot, Windsurf, Cline, or others), the tool needs to read your project files to understand your code. That is how it helps you. But it also means the AI reads everything else in your project directory.
Your .env file with database credentials. Your AWS access keys. Your Stripe secret key. Your MCP server configs with hardcoded tokens. The AI sees all of it.
Here is why that matters:
- Cloud context. Some tools send file contents to cloud APIs for processing. Your secrets travel over the network to third-party servers.
- Training data. Depending on the tool's data policy, your secrets could end up in model training data, visible to other users through completions.
- Logs and telemetry. Even tools that run locally may log context to disk or send telemetry that includes file contents.
- MCP servers. If your MCP config files contain hardcoded API keys (and many do), every MCP-aware tool that reads that config can see those keys.
Most developers do not realize this is happening. The AI assistant does not warn you. It just quietly reads your secrets along with your code.
What DevSafe does about it
DevSafe includes five tools built specifically for this problem. They work together to find exposures, fix them, and monitor for new ones. All five are free. No account needed.
devsafe diagnose
Scans your machine for AI secret exposure across 4 exposure paths and 6 AI tools. It checks whether your secrets are visible to each tool, and tells you exactly what is exposed and where.
    $ devsafe diagnose
    Scanning 4 exposure paths across 6 AI tools...
    ! claude-code .env visible STRIPE_SECRET_KEY, DATABASE_URL
    ! cursor .env visible STRIPE_SECRET_KEY, DATABASE_URL
    ! claude-code mcp config 2 hardcoded tokens in mcp.json
    ✓ copilot .env excluded .gitignore covers .env
    Found 3 exposures across 2 tools. Run devsafe shield to fix.
devsafe mcp-scan
Finds secrets hardcoded in your MCP server configuration files. Many MCP setups include API keys directly in the JSON config instead of using environment variable references. This command finds every one of them.
    $ devsafe mcp-scan
    Scanning MCP configs...
    ! ~/.claude/mcp.json github-server GITHUB_TOKEN hardcoded
    ! ~/.cursor/mcp.json supabase SERVICE_ROLE_KEY hardcoded
    ✓ ~/.claude/mcp.json filesystem no secrets found
    Found 2 hardcoded secrets in MCP configs.
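To make the hardcoded-versus-reference distinction concrete, here is an added example (not DevSafe's code) that flags literal credentials in an MCP config. It assumes the common "mcpServers" layout with per-server "env" and "args", treats ${NAME} as an environment variable reference, and uses name-based heuristics; the sample config is constructed.

```python
import json
import re

# Assumption: a value written as ${NAME} is an environment variable reference.
ENV_REF = re.compile(r"^\$\{[A-Za-z_][A-Za-z0-9_]*\}$")
# Heuristic: variable names that usually hold credentials.
SECRET_NAME = re.compile(r"TOKEN|SECRET|PASSWORD|API_?KEY|_KEY$|CREDENTIAL", re.I)
# Heuristic: credentials passed inline as "--some-key=value" arguments.
INLINE_ARG = re.compile(
    r"^--?([A-Za-z0-9_-]*(?:token|secret|key|password)[A-Za-z0-9_-]*)=(.+)$", re.I)


def scan_mcp_config(text):
    """Return sorted (server, name, location) for values that look hardcoded.

    Only names are reported, never the values, so the output is safe to log.
    """
    findings = []
    # Assumption: servers live under a top-level "mcpServers" object.
    for server, spec in json.loads(text).get("mcpServers", {}).items():
        for name, value in (spec.get("env") or {}).items():
            literal = isinstance(value, str) and value and not ENV_REF.match(value)
            if SECRET_NAME.search(name) and literal:
                findings.append((server, name, "env"))
        for arg in spec.get("args") or []:
            m = INLINE_ARG.match(arg) if isinstance(arg, str) else None
            if m and not ENV_REF.match(m.group(2)):
                findings.append((server, m.group(1), "args"))
    return sorted(findings)


# Constructed sample config; package names and values are placeholders.
SAMPLE = """
{"mcpServers": {
  "github-server": {"command": "npx", "args": ["-y", "example-github-mcp"],
                    "env": {"GITHUB_TOKEN": "EXAMPLE-not-a-real-token"}},
  "supabase": {"command": "npx",
               "args": ["-y", "example-supabase-mcp",
                        "--service-role-key=EXAMPLE-not-a-real-key"],
               "env": {"SUPABASE_URL": "https://example.invalid"}},
  "filesystem": {"command": "npx", "args": ["-y", "example-fs-mcp", "/tmp/project"],
                 "env": {"API_KEY": "${FS_API_KEY}"}}
}}
"""

if __name__ == "__main__":
    for server, name, where in scan_mcp_config(SAMPLE):
        print(f"! {server}: {name} hardcoded in {where}")
```

Secrets passed as command-line arguments are checked as well as the "env" block, since a key moved out of "env" into "args" is still written to disk in the same file.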
devsafe shield
Fixes the exposures that diagnose and mcp-scan find. It can add deny rules to keep AI tools from reading sensitive files, convert hardcoded secrets to environment variable references, and harden your MCP configs. Shield has three modes: on (apply fixes), off (remove fixes), and scan (preview what it would do).
    $ devsafe shield on
    ✓ Added .env to claude deny rules
    ✓ Added .env to cursor ignore list
    ✓ Converted 2 hardcoded MCP tokens to env refs
    3 fixes applied. Run devsafe diagnose to verify.
devsafe mcp
Proxy your MCP servers through DevSafe. This gives you permission control over what each MCP server can do, and lets DevSafe inject secrets at runtime so they never sit in config files. Your MCP servers get the keys they need without those keys being written to disk.
devsafe net
Monitors what your AI tools are connecting to over the network. See every outbound connection in real time, so you know exactly where your context is being sent.
Five minutes from exposed to protected
See the damage
Run devsafe diagnose to find out which of your secrets are visible to which AI tools. This is a read-only scan. It does not change anything on your machine.
Fix it
Run devsafe shield on to apply fixes. Shield adds deny rules, converts hardcoded secrets to environment variable references, and hardens your MCP configs. If you want to preview first, run devsafe shield scan.
Check your MCP configs
Run devsafe mcp-scan to catch any hardcoded secrets in your MCP server configurations. These are easy to miss because they live outside your project directory.
Monitor ongoing connections
Run devsafe net to watch what your AI tools connect to. This is optional but useful if you want to verify that your tools are not sending context to unexpected servers.
After running shield, run devsafe diagnose again. You should see zero exposures. If anything remains, the diagnose output tells you exactly what to fix manually.
All free, no account needed
Every AI Safety tool in DevSafe works without creating an account. No signup, no email, no trial period. Install DevSafe and run devsafe diagnose right now.
These tools are free because the problem is urgent. Millions of developers use AI coding assistants today, and most have no idea their secrets are exposed. We want every developer protected, not just the ones who pay.
    $ brew install hxalabs/tap/devsafe
    $ devsafe diagnose
    # see what's exposed, then fix it with: devsafe shield on