An open API service indexing awesome lists of open source software.

https://github.com/chaluvadis/safe-to-send

safe-to-send is a minimal VS Code extension to scan selected code (or full file) for sensitive data before copying for manual AI usage.
https://github.com/chaluvadis/safe-to-send

agent-skills agents ai clipboard security sensitive-data typescript utilities utility vscode-extension

Last synced: 20 days ago
JSON representation

safe-to-send is a minimal VS Code extension to scan selected code (or full file) for sensitive data before copying for manual AI usage.

Awesome Lists containing this project

README

          

# Safe Send

[![VS Code Extension](https://img.shields.io/badge/VS%20Code-Extension-007ACC?logo=visualstudiocode)](https://marketplace.visualstudio.com/items?itemName=nomad-in-code.safe-send)
[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](https://opensource.org/licenses/MIT)

**Safe Send** prevents accidental leakage of sensitive data when copying code to AI tools. It scans for secrets (API keys, passwords, tokens) and sanitizes them before they reach your clipboard.

---

## ๐Ÿš€ Quick Start

1. **Install** from VS Code Extensions (`Ctrl+Shift+X` โ†’ Search "Safe Send")
2. **Select code** in your editor
3. **Right-click** โ†’ **"Safe Send: Scan & Copy for AI"**
4. **Review results** โ†’ Copy safely!

---

## ๐Ÿ” What It Does

### Detects 9 Types of Secrets

| Type | Example | Replaced With |
|------|---------|---------------|
| OpenAI Keys | `sk-1234...` | `` |
| AWS Keys | `AKIA...` | `` |
| GitHub Tokens | `ghp_...` | `` |
| JWT Tokens | `eyJhbGc...` | `` |
| Private Keys | `-----BEGIN...` | `` |
| IP Addresses | `192.168.1.1` | `` |
| Emails | `user@domain.com` | `` |
| Passwords | `password = "secret"` | `` |
| Anthropic Keys | `sk-ant-...` | `` |

### Risk Levels

- ๐ŸŸข **LOW** (0-29): No warning (emails, IPs)
- ๐ŸŸก **MEDIUM** (30-59): Warning (passwords)
- ๐Ÿ”ด **HIGH** (60-100): Warning (API keys, tokens)

---

## ๐Ÿ’ป Usage Examples

### Example 1: Clean Code โ†’ Auto Copy
```javascript
// Before: No secrets detected
const greeting = "Hello World";
```
โœ… **Result**: Copied automatically (no warning)

---

### Example 2: Secret Detected โ†’ Warning
```javascript
// Before: Contains API key
const apiKey = "sk-1234567890abcdef";
```
โš ๏ธ **Dialog appears**:
- Risk: 60/100 (HIGH)
- Detected: OpenAI API key
- Options: **Sanitize & Copy** | Copy Anyway | Cancel

โœ… **After Sanitizing**:
```javascript
const apiKey = "";
```

---

### Example 3: Multiple Secrets
```javascript
// Before: Multiple secrets
const config = {
apiKey: "sk-1234567890",
password: "secret123",
email: "admin@company.com"
};
```
โš ๏ธ **Risk**: 100/100 (HIGH - maximum)

โœ… **After**:
```javascript
const config = {
apiKey: "",
password: "",
email: ""
};
```

---

## ๐Ÿ“ธ Screenshots

See **[SCREENSHOTS.md](SCREENSHOTS.md)** for visual examples of:

1. โœ… Clean code copy (no secrets)
2. โš ๏ธ Single secret warning
3. โš ๏ธ Multiple secrets warning
4. ๐Ÿงผ Sanitized output
5. ๐Ÿ”’ Status bar indicators
6. โš™๏ธ Settings configuration
7. ๐Ÿ“‹ Ignore for file feature
8. ๐Ÿ“‹ Clipboard monitoring
9. ๐Ÿ“‚ Path-based risk adjustment
10. ๐ŸŽจ Command palette access

---

## โš™๏ธ Configuration

### Custom Patterns

Add your own detectors in VS Code Settings:

```json
{
"safeSend.customPatterns": [
{
"id": "company_key",
"label": "Company Key",
"regex": "COMPANY_[A-Z0-9]{24}",
"placeholder": "",
"riskScore": 60,
"critical": true
}
]
}
```

### Repository Config

Create `.safe-send.json` in your project:

```json
{
"patterns": [
{
"id": "internal_token",
"label": "Internal Token",
"regex": "INTERNAL_[A-Z0-9]{32}"
}
]
}
```

---

## ๐Ÿ› ๏ธ Commands

| Command | Shortcut |
|---------|----------|
| Scan & Copy | `Ctrl+Shift+P` โ†’ "Safe Send" |
| Context Menu | Right-click in editor |
| Settings | `Ctrl+,` โ†’ Search "Safe Send" |

---

## ๐Ÿ”„ Clipboard Monitoring

Safe Send automatically monitors your clipboard:

- โœ… Scans every 200ms
- โœ… Warns for MEDIUM/HIGH risk
- โœ… Ignores LOW risk (emails, IPs)
- โœ… Never blocks clipboard

**Disable in Settings**: `safeSend.clipboard.monitor`

---

## ๐Ÿ“Š Quality Metrics

| Metric | Value |
|--------|-------|
| Tests Passing | 80/80 โœ… |
| Test Coverage | 100% |
| Compile Errors | 0 |
| Breaking Changes | 0 |
| Lines of Code | 7,484 |

---

## ๐Ÿš€ Quick Commands

```bash
# Install locally
npm run install:local

# Remove local install
npm run remove:local

# Run tests
npm test

# Build
pnpm run build
```

---

## ๐Ÿ”’ Safety & Privacy

- โœ… No data collection
- โœ… No network access
- โœ… 100% offline
- โœ… Open source (MIT)
- โœ… Max 200KB file size

---

## ๐Ÿ“š Documentation

- **[Architecture](docs/ARCHITECTURE.md)** - Technical design
- **[Test Scenarios](docs/Test_Data.md)** - 100+ examples
- **[User Guide](docs/USER_TESTING_GUIDE.md)** - Testing instructions
- **[QA System](reports/IMPLEMENTATION_SUMMARY.md)** - Autonomous testing

---

## ๐Ÿ’ป Development

```bash
# Setup
git clone https://github.com/chaluvadis/safe-send-to-ai.git
cd safe-to-send
pnpm install
pnpm run dev:setup
```

---


Stay safe. Sanitize before you share.

---