
How to Protect API Keys and Sensitive Data When Using Claude Code

Jun 1, 2026 · 5 min read

Claude Code is useful because it can read your project, edit files, and run commands. Those same powers make secret handling important. Treat it like a capable developer sitting at your terminal: give it only the access it needs, keep secrets out of source code, and review any command that could print, copy, upload, or commit sensitive data.

Start with a simple rule: no secrets in the prompt

Do not paste production API keys, private tokens, database passwords, customer data, or private certificates into Claude Code. If the model needs to understand a value, provide its shape, not the value.

Bad:
Use this Stripe key: sk_live_...

Good:
The app reads STRIPE_API_KEY from the environment.
Assume it has the format used by Stripe live secret keys.

If you need help debugging authentication, redact the secret and share the error, request ID, status code, and relevant configuration names.

Keep secrets out of the repository

The safest secret is one Claude Code never sees in files. Use environment variables, local secret stores, or your cloud provider’s secret manager. Commit templates, not real credentials.

Use .env locally, but never commit it

# .gitignore
.env
.env.*
!.env.example

# Common secret material
*.pem
*.key
*.p12
*.pfx
secrets.json
service-account*.json

# .env.example - safe to commit
ANTHROPIC_API_KEY=
STRIPE_API_KEY=
DATABASE_URL=
JWT_SECRET=

Ask Claude Code to read .env.example, not .env. The example file documents required configuration without exposing values.

Validate environment variables at startup

Fail fast when a variable is missing. This avoids printing full configuration during debugging.

// config.js
// Loads required configuration without logging secret values.
const required = ["STRIPE_API_KEY", "DATABASE_URL", "JWT_SECRET"];

for (const name of required) {
  if (!process.env[name]) {
    throw new Error(`Missing required environment variable: ${name}`);
  }
}

export const config = {
  stripeApiKey: process.env.STRIPE_API_KEY,
  databaseUrl: process.env.DATABASE_URL,
  jwtSecret: process.env.JWT_SECRET,
};

Use a secret manager for shared and production secrets

For team and production systems, prefer AWS Secrets Manager, Google Secret Manager, Azure Key Vault, Doppler, 1Password, Vault, or another managed store. Claude Code can help write integration code without seeing secret values.

# secrets_loader.py
# Example: fetch a secret at runtime instead of storing it in code.
import os
import boto3


def get_secret(name: str) -> str:
    client = boto3.client("secretsmanager", region_name=os.environ["AWS_REGION"])
    response = client.get_secret_value(SecretId=name)
    return response["SecretString"]


DATABASE_URL = get_secret("prod/app/database-url")
STRIPE_API_KEY = get_secret("prod/app/stripe-api-key")

When working with Claude Code, ask for code that references secret names, IAM roles, and environment variables. Do not include the resolved secret values in files, prompts, logs, or test fixtures.

Limit what Claude Code can access

Run Claude Code from the smallest useful project directory. Avoid launching it from your home directory or a monorepo root if only one service is relevant. Keep SSH keys, cloud credentials, browser exports, password-manager exports, and production dumps outside the workspace.

Use a clean development shell

Do not automatically expose every shell variable to your coding session. Start with only the variables the project needs.

# Start a minimal shell with only selected variables.
# Note: an interactive bash still reads ~/.bashrc, so check that file does not
# re-export credentials into the clean session.
env -i \
  HOME="$HOME" \
  PATH="$PATH" \
  NODE_ENV="development" \
  ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" \
  bash

If possible, use separate development credentials with limited permissions and low quotas. Never use a production admin token for local coding assistance.

Consider containers for stronger boundaries

A container can reduce accidental access to files outside the project. Mount only the project and dependency caches you need.

# Example boundary: mount only the current project.
# Do not mount ~/.ssh, ~/.aws, ~/.config, or password-manager exports.
docker run --rm -it \
  -v "$PWD:/workspace" \
  -w /workspace \
  node:22-bookworm bash

Prevent accidental secret exposure in logs and commits

Claude Code may run tests, inspect logs, or modify debugging statements. Make redaction a default part of your application.

// logger.js
// Redact common secret fields before logging objects.
const SECRET_KEYS = [/api[_-]?key/i, /token/i, /password/i, /secret/i, /authorization/i];

export function redact(value) {
  if (Array.isArray(value)) return value.map(redact);
  if (value && typeof value === "object") {
    return Object.fromEntries(
      Object.entries(value).map(([key, val]) => [
        key,
        SECRET_KEYS.some((pattern) => pattern.test(key)) ? "[REDACTED]" : redact(val),
      ])
    );
  }
  return value;
}

export function safeLog(message, data = {}) {
  console.log(message, redact(data));
}

Add secret scanning before code reaches Git

Use tools such as Gitleaks, TruffleHog, detect-secrets, or your platform’s native secret scanning. Run them locally and in CI.

# .pre-commit-config.yaml
repos:
  - repo: https://github.com/gitleaks/gitleaks
    rev: v8.24.0
    hooks:
      - id: gitleaks

# Install and run before committing.
pre-commit install
pre-commit run --all-files
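As an added example (not from the original post and not part of Gitleaks, TruffleHog or detect-secrets), the Python script below applies one small pattern set to two jobs discussed on this page: redacting secret-looking values from an error message or log line before it is shared, and failing a commit whose staged diff adds a Stripe live key, a private key block, credentials embedded in a URL, or a filled-in KEY/SECRET/TOKEN/PASSWORD assignment. The pattern set and SAMPLE_DIFF are constructed for illustration; run it as a pre-commit hook alongside, not instead of, the scanners above.

```python
# secret_patterns.py
import re, subprocess, sys

# (rule, pattern) pairs with distinctive formats to keep false positives low.
# Template lines like "STRIPE_API_KEY=" and "${VAR}" references do not match.
PATTERNS = [
    ("stripe_live_key", re.compile(r"sk_live_[0-9A-Za-z]{24,}")),
    ("private_key_block", re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")),
    ("url_credentials", re.compile(r"://[^/\s:@]+:[^@\s$]+@")),
    ("env_assignment", re.compile(
        r"^(?:export\s+)?[A-Z0-9_]*(?:KEY|SECRET|TOKEN|PASSWORD)[A-Z0-9_]*="
        r"(?!\s*$)(?![\"']?\$)\S+")),
]

# Constructed sample of `git diff --cached -U0` output for a staged .env file.
SAMPLE_DIFF = """--- /dev/null
+++ b/.env
@@ -0,0 +1,3 @@
+STRIPE_API_KEY=sk_live_0123456789abcdefghijklmnop
+DATABASE_URL=postgres://app:s3cret@db/app
+JWT_SECRET=
"""

def redact_text(text: str) -> str:
    """Replace any matching secret format in a log line or error message."""
    for rule, pattern in PATTERNS:
        text = pattern.sub(f"[REDACTED:{rule}]", text)
    return text

def scan_added_lines(diff_text: str) -> list[tuple]:
    """Return (path, rule, preview) for each added ('+') diff line that matches."""
    findings, path = [], None
    for line in diff_text.splitlines():
        if line.startswith("+++ "):
            path = line[4:].removeprefix("b/")
        elif line.startswith("+"):
            for rule, pattern in PATTERNS:
                match = pattern.search(line[1:])
                if match:  # report only a short preview, never the full value
                    findings.append((path, rule, match.group(0)[:8] + "..."))
                    break
    return findings

if __name__ == "__main__":  # run as a pre-commit hook on the staged diff
    diff = subprocess.run(["git", "diff", "--cached", "-U0"],
                          capture_output=True, text=True, check=True).stdout
    found = scan_added_lines(diff)
    for path, rule, preview in found:
        print(f"[secret-scan] {rule} in {path}: {preview}")
    sys.exit(1 if found else 0)
```

A non-zero exit blocks the commit; the preview deliberately shows only the first eight characters so the hook's own output never becomes another place the secret is printed.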

Review commands before approving them

Claude Code can suggest shell commands. Review them like a code change. Be careful with commands that read hidden files, print environment variables, upload data, or pipe output to network tools.

# High-risk patterns to inspect carefully:
env
printenv
cat .env
cat ~/.aws/credentials
cat ~/.ssh/id_rsa
curl -d @file https://example.com
zip -r project.zip .
git add .

Prefer narrow commands. For example, staging named files with git add src/config.js test/config.test.js is safer than git add ., which stages everything in the working tree.

Use project instructions, but do not rely on them as a security boundary

A CLAUDE.md file can document your security expectations. This helps the assistant behave consistently, but it does not replace access control, secret scanning, or code review.

# CLAUDE.md

Security rules for this repository:
- Never read or print .env, private keys, or cloud credential files.
- Use .env.example when documenting configuration.
- Do not add debug logs that include tokens, cookies, or Authorization headers.
- Prefer least-privilege development credentials in examples.
- Before suggesting network commands, explain what data will be sent.

Rotate quickly if a secret is exposed

If an API key is pasted, committed, logged, or shown in terminal output, assume it is compromised. Revoke it immediately, create a replacement, update deployments, and audit recent usage. Do not only remove it from Git history; rotate the key as well.

Practical checklist

Keep real secrets out of prompts and files. Commit .env.example, not .env. Run Claude Code from a narrow workspace. Use least-privilege development credentials. Add redaction and secret scanning. Review shell commands before approval. Rotate exposed keys immediately.

With these habits, Claude Code can safely help you build, refactor, and debug while your API keys and sensitive data remain protected.
