kalix127 / secret-stripper

What is secret-stripper?

Secret-stripper is a Rust CLI that redacts secrets from your clipboard on demand. Bind a hotkey, highlight text, press the chord - the clipboard holds a redacted version. Normal copy/paste is never intercepted; you trigger redaction explicitly when you want it. The tool scans clipboard content against a broad catalog of patterns (AWS keys, API tokens, database credentials, PII, connection strings) and replaces matches with configurable markers like `[REDACTED]`. It runs on Linux, macOS, and Windows, with platform-specific hotkey backends.

Why is it gaining traction?

The hook is simple and real: you copied something with secrets, press a hotkey, paste safely. It doesn't sit in the background intercepting your clipboard - it's a deliberate, one-shot operation. The detection catalog is unusually comprehensive, covering cloud providers, auth tokens, crypto keys, healthcare data, and more. The AI TUI paste-guard is the standout feature: wrap Claude Code or Codex with a PTY wrapper and pasted secrets never reach the prompt. The TUI menu lets you tune sensitivity, redaction style, and category filters without editing config files by hand.

Who should use this?

Developers who juggle credentials across multiple cloud providers and paste into terminals, AI tools, or shared channels. Security teams building internal safe-paste workflows. Anyone who has accidentally pasted an API key into Slack or a bug report. The AI TUI paste-guard specifically targets developers using Claude Code, Codex, or similar tools who want to paste code samples without sanitizing them first.

Verdict

The feature set is solid and the detection catalog is deep, but this is a small project with 14 stars and a credibility score of 0.899%. The code is well-structured with tests, but it's early-stage - documentation and polish reflect a solo maintainer. Worth trying if you need the specific workflow it enables, but evaluate it on its actual behavior rather than community validation.