Problem / Motivation
When /idd-issue files to a third-party / public upstream repo (e.g. anthropics/claude-code), the issue or comment body can carry evidence gathered from the local machine — project directory names, absolute home paths, and collaborator names lifted from ~/.claude.json, transcripts, or diagnostic output. These are private and must not leak into a public tracker.
Today the operator has to remember to scrub this by hand every time. In the motivating session (diagnosing a Claude Code trust-dialog regression → contributing to anthropics/claude-code#71562) the scrub was manual and ad hoc: ~300 local project names had to be reduced to aggregate statistics before the comment was safe to post. That responsibility should not rest on human memory.
Proposed behavior
A pre-submit privacy gate that runs immediately before any outward dispatch — Step 3 gh issue create, Step 4 attachment upload, and the comment/edit paths of multi-finding mode.
The gate is repo-aware; its strictness is a function of the target repo:
| Target repo class | Gate behavior |
|---|---|
| Public and third-party (owner ∉ my orgs, e.g. anthropics/*) | Enforce — scan drafted body + attachments for private-identifier patterns, show a redaction diff, require explicit confirm before dispatch |
| Public but own org (e.g. PsychQuant/*) | Warn — flag likely-private tokens, default proceed |
| Private repo | Light / off — audience already trusted (still honor the CLAUDE.md raw-third-party rule) |
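Where it hooks
- … sanitize_source_label() machinery ([security] idd-issue multi-finding: dual-track sanitization design (IC_R007 verbatim vs GitHub body sanitization) #75) from filename/source-label sanitization to full body scanning.
- … git commit out to the IDD issue/comment egress.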
Type
feature
Expected
Before dispatching to a public/upstream repo, IDD detects candidate private identifiers in the drafted body, shows what it would redact, and blocks on confirmation — so a leak (e.g. a collaborator's name in a public bug report) cannot happen by forgetting to scrub.
Open questions
- Classifying "own vs third-party": git user's org memberships? an allowlist in issue-driven-dev.local.json?
- Redact-with-diff vs. block-until-edited.
- Private-identifier pattern set (home-dir absolute paths, ~/.claude.json project basenames, personal-name heuristics) — start conservative to avoid over-redaction.
Filed via /idd-issue (dogfooding). Motivating session: contributing population-level evidence to anthropics/claude-code#71562 required manually scrubbing 300 local project names down to aggregate stats before it was safe for a public tracker.
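The repo-aware gate described above, as an added example (not IDD's own code). The OWN_ORGS allowlist, the placeholder format and all function names are assumptions; project paths are passed in rather than read from ~/.claude.json, and personal-name heuristics are left out.

```python
import difflib
import re

OWN_ORGS = {"PsychQuant"}  # assumption: allowlist of the operator's own orgs

def gate_mode(target_repo, is_private):
    """Map the target repo to the gate strictness in the table above."""
    if is_private:
        return "light"
    owner = target_repo.split("/", 1)[0]
    return "warn" if owner in OWN_ORGS else "enforce"

def redact(body, home, project_paths):
    """Replace home-dir paths and project basenames; return (text, findings)."""
    findings = []
    def note(kind):
        def sub(match):
            findings.append(f"{kind}: {match.group(0)}")
            return f"<{kind}>"
        return sub
    # Whole home-dir paths first, so basenames inside them are not reported twice.
    home_pat = re.escape(home) + r"(?![\w.-])(?:/[^\s'\"`)]*)?"
    out = re.sub(home_pat, note("home-path"), body)
    names = {p.rstrip("/").rsplit("/", 1)[-1] for p in project_paths}
    names = sorted((n for n in names if len(n) >= 4), key=len, reverse=True)
    if names:  # conservative: whole-token matches only, very short names skipped
        alt = "|".join(map(re.escape, names))
        out = re.sub(rf"(?<![\w-])(?:{alt})(?![\w-])", note("project"), out)
    return out, findings

def privacy_gate(body, target_repo, is_private, home, project_paths, confirmed=False):
    """Return (allowed, body_to_send, diff_lines) for one outward dispatch."""
    mode = gate_mode(target_repo, is_private)
    if mode == "light":
        return True, body, []
    redacted, findings = redact(body, home, project_paths)
    diff = list(difflib.unified_diff(body.splitlines(), redacted.splitlines(),
                                     "draft", "redacted", lineterm=""))
    if mode == "warn" or not findings:
        return True, body, diff        # warn: flag, default proceed
    return confirmed, redacted, diff   # enforce: blocked until explicit confirm

# Constructed sample input, not real data.
SAMPLE_HOME = "/Users/alice"
SAMPLE_PROJECTS = ["/Users/alice/work/acme-billing", "/Users/alice/src/thesis-data"]
SAMPLE_BODY = ("Trust dialog reappears in /Users/alice/work/acme-billing/.claude "
               "and in thesis-data.\n2 of 2 projects affected.")
```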