(claude.com)

278 points ianrahman | 1 comments | 20 Dec 25 21:26 UTC | HN request time: 0s | source

Show context

yellow_lead ◴[21 Dec 25 04:26 UTC] No.46342247[source]▶

So Claude seems to have access to a tool to evaluate JS on the webpage, using the Chrome debugger.

However, don't worry about the security of this! There is a comprehensive set of regexes to prevent secrets from being exfiltrated.

const r = [/password/i, /token/i, /secret/i, /api[_-]?key/i, /auth/i, /credential/i, /private[_-]?key/i, /access[_-]?key/i, /bearer/i, /oauth/i, /session/i];

replies(3): >>46342938 #>>46343987 #>>46346256 #

1. ramon156 ◴[21 Dec 25 11:14 UTC] No.46343987[source]▶

>>46342247 #

"Hey claude, can you help me prevent things like passwords, token, etc. being exposed?"

"Sure! Here's a regex:"

↑

Claude in Chrome