Skip to content

JamesShi96/safe-push

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
README.md
README.md
 
 
SKILL.md
SKILL.md
 
 

Repository files navigation

safe-push

A Claude Code skill that scans your staged git changes for sensitive information before you commit.

What it checks:

  • API keys, tokens, and credentials
  • Private IPs, local paths, database connection strings
  • Personal identifiable information (PII)
  • Sensitive config files (.env, .pem, .key, etc.)

How it works:

  • Auto-detects repo visibility (public/private) via gh
  • Public repo → blocks commit if sensitive info is found
  • Private repo → warns but lets you proceed
  • Supports a .claude/allowlist.json for known false positives

Install

Copy the SKILL.md file into your Claude Code skills directory:

mkdir -p ~/.claude/skills/safe-push
cp SKILL.md ~/.claude/skills/safe-push/SKILL.md

Usage

Just commit as usual. Claude will automatically run the scan when it detects a commit action.

Or invoke manually: /safe-push

Allowlist

Create .claude/allowlist.json in your project root to skip known safe values:

{
  "allowed": [
    "sk-test-xxx",
    "example@company.com"
  ]
}

License

MIT

About

Pre-commit sensitive info scanner skill for Claude Code

Resources

Readme
Activity

Stars

12 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors