This is my own proposal, based on my own experience in helping guide a startup through adoption of Claude Code across all roles. Right now, Claude does very little to encourage safe secret handling, which seems like a significant miss. Most engineers know how to mitigate risks of secret exposure (or avoid giving Claude secrets at all via proxies and such), but non-engineers simply don't have that learned skillset.
Of course, none of this prevents Claude from running scripts that read and expose secret values at runtime. However, with LLMs building and testing so much software, this is one proposed piece to help reduce some vectors of exposure.
[Note: my submission was written with assistance from Claude.]
bicx•1h ago
Of course, none of this prevents Claude from running scripts that read and expose secret values at runtime. However, with LLMs building and testing so much software, this is one proposed piece to help reduce some vectors of exposure.
[Note: my submission was written with assistance from Claude.]