Sieve – scans Cursor/Claude chat history for leaked API keys(apps.apple.com)
apps.apple.com
Sieve – scans Cursor/Claude chat history for leaked API keys
https://apps.apple.com/us/app/sieve-secret-scanner/id6767409365?mt=12
5 comments
Great timing, I was just getting frustrated about this today. I've got a pyinfra secrets.py and another project with an .env for logins for grabbing and moving data. I use LLMs on both of them extensively (having an LLM setup all my proxmox VMs and LXC containers and configure them without doing that yak shaving has been amazing.)
It would be nice to use something like SOPS[1] + age right from the start, so I don't feel like I need to go rotate all those keys.
It's one thing to have it stored locally on your own box, and another to have it off in the training data of a hugely-overvalued gigantic corporation that's going to do anything it can to survive in the coming years.
[1] https://github.com/getsops/sops
It would be nice to use something like SOPS[1] + age right from the start, so I don't feel like I need to go rotate all those keys.
It's one thing to have it stored locally on your own box, and another to have it off in the training data of a hugely-overvalued gigantic corporation that's going to do anything it can to survive in the coming years.
[1] https://github.com/getsops/sops
It’s your last point that keeps me up at night. I opt out of letting my data be used for training (and don’t use tools like Gemini that make this very difficult or impossible).
But I have very little reason to trust that they actually don’t use my data. The incentives to violate the data controls are so great with the billions sloshing around AI companies. The worst that would happen if they are found to be abusing my data would be civil penalties (i.e. fines) that I’m sure executives would see as the cost of doing business.
Ideally there would be an attested zero data retention option, but I’m sure that’s not available.
But I have very little reason to trust that they actually don’t use my data. The incentives to violate the data controls are so great with the billions sloshing around AI companies. The worst that would happen if they are found to be abusing my data would be civil penalties (i.e. fines) that I’m sure executives would see as the cost of doing business.
Ideally there would be an attested zero data retention option, but I’m sure that’s not available.
Attestation requires Enclave of some sort, I'm pretty certain they wouldn't want to do this, data is their entire business model.
Their ToS is irrelevant in the cybersecurity sense of things, if it's there in plaintext, it can be used.
Their ToS is irrelevant in the cybersecurity sense of things, if it's there in plaintext, it can be used.
[deleted]
AI coding tools (Cursor, Claude Code, Copilot, Cline) routinely read .env files as part of normal operation. Every secret they touch gets embedded in their local transcript/state files — unencrypted, outside .gitignore, persisted indefinitely.
Standard secret scanners (gitleaks, detect-secrets) scan git repos. Nobody scans AI transcript stores. That's the gap.
Sieve scans those files locally on your Mac. Flags exposed keys by severity. Redacts them in-place. Stores fingerprints in Keychain — never plaintext. Covers Cursor, Claude Code, Claude Desktop, Copilot, Cline, Roo Cline, Windsurf, Gemini CLI, and .env files.
Happy to answer questions about how the SQLite parsing works or the detection rules.