Show HN: I made cc-filter after Claude kept bypassing its own rules
github.comBeen using Claude Code for a few months and realized it can bypass its own permission system pretty easily. Even with deny config or CLAUDE.md rules, it finds ways to read .env or similar files through alternative paths or indirect commands. There are several open issues in the Claude Code repo about this. Also maintaining blocklists across teams is honestly a pain. Everyone has different secrets, different file patterns, and trying to keep CLAUDE.md or settings.json files in sync gets messy fast.
So I spent the weekend building cc-filter - a security layer that sits between your prompts and Claude. It intercepts everything before Claude sees it and filters out API keys, database URLs, secrets, basically anything you don't want an AI to access. It uses regex patterns and understands different file types. This works with Claude Code's hook system but also as a standalone tool. I wrote it in Go, so it's fast and ships as single binaries. No dependencies, just download and run. It's configurable because everyone's security needs are different, but it comes with sensible defaults for common secrets.
Been using it for some time now and finally feel comfortable letting Claude help with my actual projects instead of sanitized examples. Hope you find this useful and let me know if you have any feedback