The tool takes a secret and a directory, then scans every file for that secret — not just the literal string. It also catches five encoded forms: JSON escaping, URL percent-encoding, HTML entities, backslash-doubled, and unicode-escape sequences. If your API key appears anywhere in a log file, even buried inside a JSON payload or double-escaped inside another string, scan-for-secrets finds it.
Version 0.3 adds -r/--redact, which asks for confirmation and then replaces every match with the string REDACTED, handling all five encoded forms correctly. There's also a new Python function, redact_file(file_path, secrets, replacement), for programmatic use.
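To make the matching and redaction described above concrete, here is an added example (not the scan-for-secrets code itself) that generates the literal and the five encoded forms of a secret, scans text for all of them, and redacts every hit. It assumes its own reading of the encodings: "backslash-doubled" is taken to mean the JSON-escaped form escaped a second time, and the unicode form escapes every character as \uXXXX; the secret and log lines are constructed placeholders.

```python
import html
import json
import re
import urllib.parse

def encoded_forms(secret):
    """Literal secret plus the five encoded variants the post lists (this example's
    own reading of them; 'backslash-doubled' = JSON-escaped form escaped again)."""
    json_form = json.dumps(secret)[1:-1]  # drop the outer quotes json.dumps adds
    return {
        "literal": secret,
        "json": json_form,                                 # "  -> \"   \ -> \\
        "url": urllib.parse.quote(secret, safe=""),        # +  -> %2B  / -> %2F
        "html": html.escape(secret, quote=True),           # "  -> &quot;  & -> &amp;
        "backslash_doubled": json.dumps(json_form)[1:-1],  # \" -> \\\"
        "unicode_escape": "".join(f"\\u{ord(c):04x}" for c in secret),
    }

def build_pattern(secrets):
    """One regex over every form of every secret, longest alternative first so a
    short variant never shadows a longer one that starts the same way."""
    variants = sorted({v for s in secrets for v in encoded_forms(s).values()},
                      key=len, reverse=True)
    return re.compile("|".join(re.escape(v) for v in variants))

def scan_text(text, secrets):
    """Return (line_number, matched_text) for every hit, in file order."""
    pattern = build_pattern(secrets)
    return [(n, m.group(0)) for n, line in enumerate(text.splitlines(), 1)
            for m in pattern.finditer(line)]

def redact_text(text, secrets, replacement="REDACTED"):
    """String version of the post's redact_file idea: every form is replaced."""
    return build_pattern(secrets).sub(replacement, text)

# Constructed sample (placeholder secret, not a real key) logged the way a session
# transcript might: plain, in JSON, in a URL, in HTML, JSON nested in JSON, \uXXXX.
SECRET = 'sk-EXAMPLE+abc/"123'
SAMPLE_LOG = "\n".join([
    'plain:  sk-EXAMPLE+abc/"123',
    'json:   {"key": "sk-EXAMPLE+abc/\\"123"}',
    'url:    GET /v1?key=sk-EXAMPLE%2Babc%2F%22123',
    'html:   <td>sk-EXAMPLE+abc/&quot;123</td>',
    'nested: {"body": "{\\"key\\": \\"sk-EXAMPLE+abc/\\\\\\"123\\"}"}',
    'uni:    ' + encoded_forms(SECRET)["unicode_escape"],
    'clean:  nothing to see here',
])
```

Running scan_text(SAMPLE_LOG, [SECRET]) reports one hit on each of the first six lines and none on the last; redact_text replaces all six with REDACTED, after which a second scan finds nothing.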
The tool started because Willison publishes transcripts of his local Claude Code sessions using his claude-code-transcripts tool. He wanted a way to check those transcripts before publication — to make sure no API key, AWS credential, or similar secret had ended up in the log.
Willison built it with README-driven development: he wrote the README first, describing exactly how the tool should work, then handed it to Claude Code and told it to implement it using red/green test-driven development. The process is itself a small case study in how developers are now using AI pair programmers to build one-off security and dev-ops utilities that would have required more effort to justify before the era of fast code generation.
For users who maintain a standing list of secrets to check — Willison uses his to pull API keys via the llm keys get command for OpenAI, Anthropic, Gemini, and Mistral, plus his AWS credentials — the tool reads from ~/.scan-for-secrets.conf.sh, a shell script containing commands that echo the secrets to check.
The release notes are on GitHub. Version 0.3 was released April 6, 2026.