@tebeka
Created March 22, 2026 13:34
Disallow Claude from Reading Secrets

Disallowing Claude from Reading Secrets

There are files you don't want your agent to read, especially ones with secrets in them. Here's how you can prevent it:

PreToolUse Hook

In ~/.claude/settings.json (or in the project directory .claude/settings.json)

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Read|Write|Edit",
        "hooks": [
          {
            "type": "command",
            "command": "python ~/.claude/hooks/block_env_files.py"
          }
        ]
      }
    ],
...

block_env_files.py

You can probably do it with shell and jq, but I find this nicer. Claude passes the data to the hook in JSON over stdin.

#!/usr/bin/env python

import json
import sys
from pathlib import Path

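# The hook input is a JSON object on stdin; the path is under tool_input.file_path.
data = json.load(sys.stdin)
file_path = data.get('tool_input', {}).get('file_path', '')
# Compare only the final path component, so any directory's .env/.envrc matches.
if Path(file_path).name in {'.env', '.envrc'}:
    # 'continue': False tells Claude to stop; stopReason is the message shown.
    msg = {
        'continue': False,
        'stopReason': 'Blocked: reading .env/.envrc files is not allowed',
    }
    print(json.dumps(msg))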
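
A stricter variant of the hook above, as an added example that is not the gist author's code: it also matches `.env.*` names, follows symlinks to their target, and inspects the Bash tool's `command` string. It assumes the matcher in settings.json is extended to `Read|Write|Edit|Bash`; `SECRET_PREFIXES` and the word-splitting heuristic are choices made for this example.

```python
#!/usr/bin/env python3
# Added example (not the gist author's code): stricter variant of block_env_files.py.
import json
import os
import re
import sys
from pathlib import Path

# Assumption: the file names treated as secret; adjust for your project.
SECRET_NAMES = {'.env', '.envrc'}
SECRET_PREFIXES = ('.env.',)  # .env.local, .env.production, ...
# Characters that separate words in a shell command line (heuristic, not a parser).
SHELL_SEPARATORS = re.compile(r"""[\s;|&<>()'"=`$]+""")


def is_secret_path(file_path):
    """True if the path, or the file it resolves to via symlinks, has a secret name."""
    if not file_path:
        return False
    resolved = os.path.realpath(os.path.expanduser(file_path))
    names = {Path(file_path).name, Path(resolved).name}
    return any(n in SECRET_NAMES or n.startswith(SECRET_PREFIXES) for n in names)


def bash_mentions_secret(command):
    """True if any word of a shell command names a secret file (over-blocks by design)."""
    return any(is_secret_path(word) for word in SHELL_SEPARATORS.split(command))


def decide(event):
    """Return the hook's JSON response for a PreToolUse event, or None to allow it."""
    tool_input = event.get('tool_input', {})
    if event.get('tool_name') == 'Bash':
        blocked = bash_mentions_secret(tool_input.get('command', ''))
    else:  # Read, Write, Edit
        blocked = is_secret_path(tool_input.get('file_path', ''))
    if not blocked:
        return None
    return {
        'continue': False,
        'stopReason': 'Blocked: access to .env/.envrc files is not allowed',
    }


if __name__ == '__main__':
    response = decide(json.load(sys.stdin))
    if response:
        print(json.dumps(response))
```

Matching on the text of a shell command is a heuristic that errs toward blocking; file permissions on the secret files remain the boundary that does not depend on string matching.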