Sieve – scans Cursor/Claude chat history for leaked API keys

helpful_human·Hacker News·Community·

Background: I was using Cursor to set up an OpenAI integration.The agent read my .env file, added the key to the config, and everything worked. What I didn't think about: that key was now sitting in a plaintext SQLite database at ~/Library/ApplicationSupport/Cursor/User/workspaceStorage/..AI coding tools (Cursor, Claude Code, Copilot, Cline) routinely read .env files as part of normal operation. Every secret they touch gets embedded in their local transcript/state files — unencrypted, outside .gitignore, persisted indefinitely.Standard secret scanners (gitleaks, detect-secrets) scan git repos. Nobody scans AI transcript stores. That's the gap.Sieve scans those files locally on your Mac. Flags exposed keys by severity. Redacts them in-place. Stores fingerprints in Keychain — never plaintext. Covers Cursor, Claude Code, Claude Desktop, Copilot, Cline, Roo Cline, Windsurf, Gemini CLI, and .env files.Happy to answer questions about how the SQLite parsing works or the detection rules.

Read full article →

Related Articles

An OpenAI model has disproved a central conjecture in discrete geometry
tedsanders · Hacker News · 20h ago
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Timofeibu · Hacker News · 1d ago
Show HN: Rmux – A programmable terminal multiplexer with a Playwright-style SDK
shideneyu · Hacker News · 6h ago
Incident Report: May 19, 2026 – GCP Account Suspension
0xedb · Hacker News · 1d ago
Not alive, but not dead: disembodied human brains used for drug testing
Timofeibu · Hacker News · 19h ago