Stop AI coding assistant secrets exposure. Encrypt your .env files with biometric authentication and let Claude Code deploy, test, and run commands—without ever seeing your API keys.
Your secrets never leave your machine unencrypted. Claude Code gets access without visibility.
API keys, database URLs, tokens — anything sensitive goes here.
AES-256-CBC encryption, hardware-backed master key via DPAPI.
CLAUDE.md tells Claude what secrets exist, never the values.
Values exist in subprocess memory, never logged or returned.
Secrets are decrypted in memory, used once, then discarded. Never written to disk or logs.
Master key protected by Windows Hello TPM. Encrypted vault is useless on another device.
Secret values flow one direction. Claude Code output is automatically sanitized.
See how developers use LLM Secrets with Claude Code for common workflows.
Call external APIs with secure authentication
Run migrations and queries securely
Publish to npm with secure tokens
Deploy to AWS, GCP, or Azure securely
Deploy to Vercel and configure DNS with GoDaddy API
Deploy smart contracts without exposing private keys
LLM Secrets generates a CLAUDE.md reference file that tells Claude Code exactly which secrets exist and how to use them—without revealing values.
Claude knows the exact variable names. No guessing, no hallucinated API keys.
Descriptions tell Claude when to use each secret. Database URL for migrations, API key for external calls.
No more "secret not found" errors. Claude writes correct commands the first time.
Add a secret, regenerate CLAUDE.md. Your AI always has the latest reference.
LLM Secrets is fully open source under AGPL-3.0. Every line of code is available for security auditing.
// AES-256-CBC encryption with Windows Hello export class CryptoService { async encrypt(content: string): Promise<string> { // Get master key via Windows Hello const masterKey = await getMasterKey(); // Generate random IV for each encryption const iv = randomBytes(16); // AES-256-CBC encryption const cipher = createCipheriv( 'aes-256-cbc', masterKey, iv ); // Encrypt and return base64 return iv + cipher.update(content); } }
Every line of encryption code is visible. Security researchers can verify there are no backdoors. Ask DeepWiki for an independent analysis.
AES-256-CBC is the same encryption used by governments and banks. Battle-tested and proven.
Found a vulnerability? Submit a PR. Improvements benefit everyone using LLM Secrets.
Your encrypted files use standard formats. You own your data and can decrypt without us.
The desktop app gives you a clean interface to manage, organize, and protect your secrets without touching the command line.
Setup wizard walks you through vault creation. Windows Hello authentication in seconds.
Add, edit, and organize secrets with a clean interface. Syntax highlighting for .env format.
Encrypted backup to Google Drive with one click. Restore on any Windows device.
Configurable idle timeout. Step away and your secrets lock automatically.
Free for macOS, Windows, and WSL. Everything you need to work securely with Claude Code. Start encrypting your secrets today.
Free for macOS, Windows, and WSL. Full-featured encryption for the developer community.
Native macOS app with Touch ID and Keychain integration. Apple Silicon optimized.
Download for macOSFull desktop app with Windows Hello biometric auth and cloud backup tools.
Download for WindowsNative Linux support with Windows Hello bridge for WSL2 development workflows.
Download for WSLLLM Secrets uses a zero-knowledge architecture. Secrets are decrypted in memory only when needed, injected directly into subprocess environments, and automatically redacted from output.
Even if someone steals your encrypted vault file, it's completely useless without your Windows Hello authentication. The master key is protected by hardware-backed security on your device.
AES-256-CBC with random IVs. No plaintext files ever written to disk.
Windows Hello + DPAPI protection. Keys bound to your device.
Secrets injected into subprocesses. Never returned to Claude.
Configurable inactivity timeout. Secrets re-encrypted automatically.
Everything you need to know about protecting your secrets from AI coding assistants.
Yes. Research shows Claude Code automatically loads .env files without asking permission. Your API keys, database passwords, and tokens are silently loaded into memory. LLM Secrets encrypts these files so Claude can use secrets without ever seeing the actual values.
Traditional approaches like separate user accounts or deny rules are complex and error-prone. LLM Secrets provides env file encryption for Windows using Windows Hello—your secrets are encrypted at rest and only decrypted in isolated subprocesses at runtime.
Yes. LLM Secrets uses AES-256-CBC encryption with a master key protected by Windows Hello and DPAPI. Your encryption keys are hardware-backed by your device's TPM chip. Even if someone steals your encrypted vault file, it's useless without biometric authentication on your specific device.
Absolutely. While LLM Secrets is optimized for Claude Code with automatic CLAUDE.md generation, the encryption works with any AI coding assistant. Your .env file stays encrypted—no AI tool can read the plaintext values. Secrets are injected at runtime for any command.
LLM Secrets supports macOS (with Touch ID), Windows 10/11 (with Windows Hello), and WSL/Linux. All platforms are free with full-featured encryption, automatic CLAUDE.md generation, and biometric authentication.
AI assistants read files in your project directory, including .env files. These values can appear in prompts, error messages, logs, and even be transmitted to cloud servers. LLM Secrets prevents this exposure by ensuring the AI only sees encrypted content or variable names—never actual secret values.
Plain text .env files are risky—43.8% of crypto theft in 2024 came from private key compromise. LLM Secrets encrypts your .env with AES-256 + Windows Hello. Keys are decrypted only at runtime in isolated subprocesses. Safer than Foundry keystores or Hardhat keystore plugins—encryption is automatic and biometric-protected.
Yes. Claude can run forge script or hardhat deploy commands using your encrypted private key via $env:PRIVATE_KEY. Your key is injected at runtime but never visible to the AI. Deploy to mainnet, testnets, or L2s—your wallet stays secure while Claude handles the deployment workflow.
Answers from DeepWiki, an independent AI analysis of this codebase.
No. Here's why:
$env:SECRET_NAME, never the value.The architecture makes it impossible for anyone to see your secrets since all operations are local.
You can recover IF you set up backups beforehand.
Recovery options:
Without backups: Secrets are irrecoverable by design. No backdoor exists.
Get answers from an independent third-party AI analysis of our codebase.
Ask DeepWikiJoin developers who trust LLM Secrets to keep their API keys and credentials safe while working with AI coding assistants.