
Your AI assistant can see your secrets.

AI coding tools read your project files to help you write code. That means they also read your .env files, API keys, and MCP configs. DevSafe gives you five free tools to find and fix the problem in under five minutes.

The problem

When you use an AI coding assistant (Claude Code, Cursor, Copilot, Windsurf, Cline, or others), the tool needs to read your project files to understand your code. That is how it helps you. But it also means the AI reads everything else in your project directory.

Your .env file with database credentials. Your AWS access keys. Your Stripe secret key. Your MCP server configs with hardcoded tokens. The AI sees all of it.

Here is why that matters:

Most developers do not realize this is happening. The AI assistant does not warn you. It just quietly reads your secrets along with your code.

What DevSafe does about it

DevSafe includes five tools built specifically for this problem. They work together to find exposures, fix them, and monitor for new ones. All five are free. No account needed.

devsafe diagnose

Scans your machine for AI secret exposure across 4 exposure paths and 6 AI tools. It checks whether your secrets are visible to each tool, and tells you exactly what is exposed and where.

terminal
$ devsafe diagnose
Scanning 4 exposure paths across 6 AI tools...

! claude-code    .env visible         STRIPE_SECRET_KEY, DATABASE_URL
! cursor         .env visible         STRIPE_SECRET_KEY, DATABASE_URL
! claude-code    mcp config           2 hardcoded tokens in mcp.json
 copilot        .env excluded        .gitignore covers .env

Found 3 exposures across 2 tools. Run devsafe shield to fix.

Full diagnose reference →

devsafe mcp-scan

Finds secrets hardcoded in your MCP server configuration files. Many MCP setups include API keys directly in the JSON config instead of using environment variable references. This command finds every one of them.

terminal
$ devsafe mcp-scan
Scanning MCP configs...

! ~/.claude/mcp.json     github-server    GITHUB_TOKEN hardcoded
! ~/.cursor/mcp.json     supabase         SERVICE_ROLE_KEY hardcoded
 ~/.claude/mcp.json     filesystem       no secrets found

Found 2 hardcoded secrets in MCP configs.

Full mcp-scan reference →
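The kind of check described above, as an added example (not DevSafe's implementation): it walks the `mcpServers` entries of an MCP JSON config and flags `env` values that are literals rather than variable references. The accepted reference syntaxes (`${VAR}`, `${VAR:-default}`, `${env:VAR}`), the name and entropy heuristics, and the sample config are assumptions made for this example.

```python
import json
import math
import re
from collections import Counter

# ${VAR}, ${VAR:-default} or ${env:VAR}: a reference, not a literal (assumed syntaxes).
ENV_REF = re.compile(r"^\$\{(env:)?[A-Za-z_][A-Za-z0-9_]*(:-[^}]*)?\}$")
# Variable names that usually hold credentials.
SECRET_NAME = re.compile(r"(TOKEN|SECRET|KEY|PASSWORD|PASSWD|CREDENTIAL)", re.I)


def entropy(value: str) -> float:
    """Shannon entropy in bits per character; random tokens score high."""
    counts = Counter(value)
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())


def looks_hardcoded(name: str, value) -> bool:
    if not isinstance(value, str) or not value or ENV_REF.match(value):
        return False
    # Flag by name, or a long high-entropy literal stored under an innocuous name.
    return bool(SECRET_NAME.search(name)) or (len(value) >= 20 and entropy(value) > 3.5)


def scan_mcp_config(text: str) -> list[tuple[str, str]]:
    """Return (server, variable) pairs whose env value is a literal secret."""
    config = json.loads(text)
    findings = []
    for server, spec in config.get("mcpServers", {}).items():
        for name, value in (spec.get("env") or {}).items():
            if looks_hardcoded(name, value):
                findings.append((server, name))
    return findings


# Constructed sample config; the token value is a fake placeholder.
SAMPLE = json.dumps({
    "mcpServers": {
        "github-server": {"command": "npx", "args": ["-y", "github-mcp"],
                          "env": {"GITHUB_TOKEN": "ghp_CONSTRUCTED_PLACEHOLDER_NOT_A_REAL_TOKEN"}},
        "supabase": {"command": "npx", "args": ["supabase-mcp"],
                     "env": {"SERVICE_ROLE_KEY": "${SERVICE_ROLE_KEY}"}},
        "filesystem": {"command": "npx", "args": ["fs-mcp", "/tmp/project"]},
    }
})

if __name__ == "__main__":
    for server, name in scan_mcp_config(SAMPLE):
        print(f"! {server:<16} {name} hardcoded")
```

The output contains variable names only, never values, so the report itself is safe to paste into a ticket or chat.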

devsafe shield

Fixes the exposures that diagnose and mcp-scan find. It can add deny rules to keep AI tools from reading sensitive files, convert hardcoded secrets to environment variable references, and harden your MCP configs. Shield has three modes: on (apply fixes), off (remove fixes), and scan (preview what it would do).

terminal
$ devsafe shield on
 Added .env to claude deny rules
 Added .env to cursor ignore list
 Converted 2 hardcoded MCP tokens to env refs

3 fixes applied. Run devsafe diagnose to verify.

Full shield reference →

devsafe mcp

Proxy your MCP servers through DevSafe. This gives you permission control over what each MCP server can do, and lets DevSafe inject secrets at runtime so they never sit in config files. Your MCP servers get the keys they need without those keys being written to disk.

Full mcp reference →

devsafe net

Monitors what your AI tools are connecting to over the network. See every outbound connection in real time, so you know exactly where your context is being sent.

Full net reference →

Five minutes from exposed to protected

1. See the damage

Run devsafe diagnose to find out which of your secrets are visible to which AI tools. This is a read-only scan. It does not change anything on your machine.

2. Fix it

Run devsafe shield on to apply fixes. Shield adds deny rules, converts hardcoded secrets to environment variable references, and hardens your MCP configs. If you want to preview first, run devsafe shield scan.

3. Check your MCP configs

Run devsafe mcp-scan to catch any hardcoded secrets in your MCP server configurations. These are easy to miss because they live outside your project directory.

4. Store secrets properly

For permanent protection, move your secrets into Lockbox or Vault. These store secrets encrypted on your machine and inject them into your tools at runtime, so the plaintext values never sit in config files.

5. Monitor ongoing connections

Run devsafe net to watch what your AI tools connect to. This is optional but useful if you want to verify that your tools are not sending context to unexpected servers.

Verify your fixes worked.

After running shield, run devsafe diagnose again. You should see zero exposures. If anything remains, the diagnose output tells you exactly what to fix manually.
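A manual cross-check for the `.env` exclusions that shield reports adding, written as an added example and not DevSafe's own code. It assumes Claude Code's `permissions.deny` entries of the form `Read(./path)` in `.claude/settings.json` and gitignore-style lines in `.cursorignore`, matched here with simplified glob rules; the file names in `SENSITIVE` and the demo project are constructed for this example.

```python
import fnmatch
import json
import re
import tempfile
from pathlib import Path

SENSITIVE = [".env", ".env.local", ".env.production"]  # assumed names to protect


def claude_deny_patterns(project: Path) -> list[str]:
    """Path globs from Read(...) entries in .claude/settings.json permissions.deny."""
    settings = project / ".claude" / "settings.json"
    if not settings.is_file():
        return []
    deny = json.loads(settings.read_text()).get("permissions", {}).get("deny", [])
    found = (re.fullmatch(r"Read\((.+)\)", rule) for rule in deny)
    return [m.group(1).removeprefix("./") for m in found if m]


def cursorignore_patterns(project: Path) -> list[str]:
    """Patterns from .cursorignore, skipping comments and negations (simplified)."""
    ignore = project / ".cursorignore"
    if not ignore.is_file():
        return []
    lines = (ln.strip() for ln in ignore.read_text().splitlines())
    return [ln.lstrip("/") for ln in lines if ln and not ln.startswith(("#", "!"))]


def uncovered(project: Path) -> dict[str, list[str]]:
    """Map each tool to sensitive files that exist but match no exclusion pattern."""
    present = [n for n in SENSITIVE if (project / n).is_file()]
    tools = {"claude-code": claude_deny_patterns(project),
             "cursor": cursorignore_patterns(project)}
    return {tool: [n for n in present
                   if not any(fnmatch.fnmatch(n, p) for p in pats)]
            for tool, pats in tools.items()}


def demo() -> dict[str, list[str]]:
    # Constructed project: Claude denies only ".env", Cursor ignores ".env*".
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in (".env", ".env.local"):
            (root / name).write_text("DATABASE_URL=placeholder\n")
        (root / ".claude").mkdir()
        (root / ".claude" / "settings.json").write_text(
            json.dumps({"permissions": {"deny": ["Read(./.env)"]}}))
        (root / ".cursorignore").write_text("# secrets\n.env*\n")
        return uncovered(root)
```

In the constructed project the exact-name rule `Read(./.env)` leaves `.env.local` readable, while the `.env*` glob covers both files; variant file names are the case worth checking after any automated fix.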

All free, no account needed

Every AI Safety tool in DevSafe works without creating an account. No signup, no email, no trial period. Install DevSafe and run devsafe diagnose right now.

These tools are free because the problem is urgent. Millions of developers use AI coding assistants today, and most have no idea their secrets are exposed. We want every developer protected, not just the ones who pay.

terminal
$ brew install hxalabs/tap/devsafe
$ devsafe diagnose
# see what's exposed, then fix it with: devsafe shield on