Show HN: Leakproof – local secret-egress firewall for Claude Code/Cursor/aider (github.com)

A new tool called Leakproof has been introduced to address data security concerns surrounding AI coding assistants like Claude Code and Cursor, which have faced restrictions from security teams due to potential data egress risks. Leakproof acts as a local secret firewall that intercepts all outbound requests from these tools, scanning for sensitive information such as API keys or personal data. If any secrets are detected, it either redacts them or blocks the outbound request entirely, ensuring that nothing is sent to the cloud. This local-first approach provides a significant layer of compliance for teams bound by regulations like SOC 2, HIPAA, and GDPR, allowing the use of AI tools without compromising data security. Technical highlights of Leakproof include its ability to catch secrets that traditional keyword-based scanners often miss, such as credentials buried in comments or benign-looking variable names. It employs a combination of regex, entropy checks, and an optional local-model semantic analysis to ensure thorough scanning. The tool provides an append-only audit log, captures every detected secret, and offers customizable actions like redaction or blocking of requests. With no cloud dependency and comprehensive logging, Leakproof empowers teams needing strict oversight while leveraging AI coding capabilities effectively.