-
Notifications
You must be signed in to change notification settings - Fork 1
Safety And Privacy
karurikwao edited this page Jul 5, 2026
·
1 revision
ContextClean is designed for local-first use.
The CLI does not need:
- an API key
- a hosted preprocessing service
- a model provider
- telemetry
Input is processed locally by the binary.
Secret-like values are redacted by default. The redaction pipeline covers common patterns such as:
- API key assignments
- bearer tokens
- JWT-like values
- private key blocks
- credential URLs
- sensitive URL query parameters
- common provider token shapes
Redaction is defensive. It is not a complete security guarantee.
Directory scans skip common sensitive paths by default, including examples such as:
.env- private key files
- certificate files
- credential directories
- hidden credential files
Use --include-sensitive only when you explicitly need to include a sensitive file so it can pass through the redaction pipeline.
Repository scans respect:
.gitignore.ctxcleanignore
Common generated and dependency directories are skipped by default:
.gitnode_modulestargetdistbuild- caches
- Run
ctxclean reportfirst on unfamiliar input. - Inspect warnings and removed sections.
- Use
--format jsonif you need structured evidence. - Avoid
--include-sensitiveunless there is a clear reason. - Avoid
--no-redact-secretsfor shared context. - Inspect final context before sending it outside your machine.
ContextClean does not replace:
- code review
- secret scanning
- legal review
- security review
- data classification policies
It is a local preprocessing layer, not a compliance system.