1 comments

  • sravyavedantham 6 hours ago

    I've been using Claude Code and Cursor daily. At some point I realized I had no idea what those agents could actually see about me — env vars, SSH keys, AWS credentials, clipboard, git history, MCP configs.

    So I built a scanner to answer that question.

        pip install shadowscan && shadowscan run

    It checks 8 categories: environment variables matching secret patterns, credential files (~/.aws, ~/.netrc, ~/.npmrc), unencrypted SSH keys, .env files, clipboard content, MCP config files with embedded API keys, git history for accidentally committed secrets, and /tmp for sensitive-sounding files.

    Zero network calls. Nothing leaves your machine. Secret values are redacted to 4 chars in output.

    Found 3 things on my own machine I didn't know were exposed.
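
Two of the checks listed in the comment above (environment variables matching secret patterns, unencrypted SSH keys) with values redacted to 4 characters, as an added example that is not shadowscan's code and not part of the original post. The name regex, the function names and the header-only sample key blobs are assumptions constructed for illustration.

```python
import base64, os, re, struct

# Assumed name patterns; shadowscan's actual rules are not shown on the page.
SECRET_NAME = re.compile(r"(SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY|PRIVATE_?KEY|CREDENTIAL)", re.I)
OPENSSH_MAGIC = b"openssh-key-v1\x00"

def redact(value, keep=4):
    """Keep the first `keep` characters; mask short values completely."""
    if len(value) <= keep:
        return "*" * len(value)
    return value[:keep] + "*" * (len(value) - keep)

def scan_env(env):
    """Return {name: redacted_value} for variables whose name looks secret."""
    return {k: redact(v) for k, v in env.items() if v and SECRET_NAME.search(k)}

def ssh_key_state(pem_text):
    """Classify private key text as 'encrypted', 'unencrypted' or 'not-a-key'."""
    m = re.search(r"-----BEGIN ([A-Z0-9 ]*)PRIVATE KEY-----(.*?)-----END", pem_text, re.S)
    if not m:
        return "not-a-key"
    kind, body = m.group(1).strip(), m.group(2)
    if kind == "ENCRYPTED" or "Proc-Type: 4,ENCRYPTED" in body:
        return "encrypted"      # PKCS#8 or legacy PEM protected by a passphrase
    if kind != "OPENSSH":
        return "unencrypted"    # legacy or PKCS#8 PEM with no encryption marker
    try:
        blob = base64.b64decode("".join(body.split()))
    except ValueError:
        return "not-a-key"
    off = len(OPENSSH_MAGIC)
    if not blob.startswith(OPENSSH_MAGIC) or len(blob) < off + 4:
        return "not-a-key"
    # The OpenSSH format stores the cipher name as a length-prefixed string
    # right after the magic; "none" means no passphrase protects the key.
    (n,) = struct.unpack_from(">I", blob, off)
    return "unencrypted" if blob[off + 4 : off + 4 + n] == b"none" else "encrypted"

def _sample_key(cipher):
    """Constructed header-only blob for demonstration, not a usable key."""
    blob = OPENSSH_MAGIC + struct.pack(">I", len(cipher)) + cipher
    b64 = base64.b64encode(blob).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{b64}\n-----END OPENSSH PRIVATE KEY-----\n"

if __name__ == "__main__":
    for name, shown in scan_env(dict(os.environ)).items():
        print(f"env  {name} = {shown}")
    for cipher in (b"none", b"aes256-ctr"):
        print("key ", cipher.decode(), "->", ssh_key_state(_sample_key(cipher)))
```
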