Credentials & secrets
The things that turn a leaked prompt into an incident.
- API keys & access tokens
- .env values and connection strings
- Private keys & Authorization headers
- OAuth and session tokens
sk-…AKIA…ghp_…xoxb-…-----BEGIN KEY-----
local privacy proxy · for LLM coding tools
Your secrets never leave your machine.
scrubadubber runs a local proxy in front of Claude Code, Aider, and other LLM tools. It intercepts every outbound request, scrubs credentials, PII, and proprietary code, and forwards a clean version upstream. Your workflow doesn't change.
Windows v0.1.4 — validated end-to-end macOS build in validation
# your tool runs exactly as before
$ aider --model claude
↓ intercepted by scrubadubber
POST api.anthropic.com/v1/messages
authorization: bearer scrubbed · api-key
"wire up billing in scrubbed · src/billing/charge.ts"
scrubbed · 38 lines proprietary code
↑ forwarded clean — secrets stayed home How it works
Three steps. Zero workflow changes.
scrubadubber sits between your tool and the model. You keep typing the same commands — it quietly cleans what goes out.
- 01
Intercept
scrubadubber runs as a proxy on localhost. Your tool points at it instead of the API, so every outbound request passes through first — nothing is sent directly.
- 02
Scrub
Each request is scanned for credentials, tokens, .env values, PII, and code you mark proprietary. Matches are replaced with typed placeholders before anything leaves your machine.
- 03
Forward
The cleaned request goes to the real upstream API — Anthropic, OpenAI, and others. Responses return unchanged. Added latency is negligible.
What gets protected
Built to catch what you can't afford to leak.
scrubadubber recognizes well-known secret formats out of the box, plus the patterns and paths you mark sensitive.
Personal data (PII)
Customer and personal details that shouldn’t train anyone’s model.
- Emails, phone numbers, addresses
- Names tied to records
- Customer data pasted into prompts
- Common ID and card-number formats
name@co.com+1 555…SSN4111 1111 … Proprietary code & IP
The source and structure that make your product yours.
- Files & paths you mark proprietary
- Internal hostnames & service names
- Unreleased source in your prompts
- Business logic in comments
src/billing/…internal.host// pricing rules A strong safety net — not a magic guarantee. scrubadubber catches known patterns and your configured rules; review what you mark sensitive, and keep secrets out of prompts where you can.
Install
Install in one line.
Runs locally. Your existing tools and commands don't change.
Windows · PowerShell
irm https://scrubadubber.com/install.ps1 | iex Validated end-to-end on Windows (v0.1.4).
macOS / Linux · sh
curl -fsSL https://scrubadubber.com/install.sh | sh Linux is ready. The macOS build is in tester validation — watch the repo for the validated release.
Prefer a direct download?
Open source
Don't trust us. Read the code.
A privacy tool you can't inspect is just a different black box. The bridges and installer are open. The engine ships as public, checksummed binaries — so you can verify exactly what runs on your machine.
The bridge Fully open source
bridge-claude-code
The per-tool integration that points Claude Code (and other CLIs) at scrubadubber. Small, readable, and the same install script you pipe to your shell.
View on GitHub The tray app Installer + releases
scrubadubber
The one-click installer and tray manager for Windows and macOS, plus every release. Open an issue, read the source, file a PR.
View on GitHub The Hub engine Signed binaries + checksums
scrubadubber-hub-releases
The local proxy engine ships as public, checksummed binaries here. The engine source stays private — but every artifact you run is published with a SHA256 you can verify.
View on GitHubOn macOS? The build is in tester validation — watch the repo to be first to the validated release.