{"slug": "show-hn-heimwall-catch-secrets-before-you-paste-them-into-claude-or-cursor", "title": "Show HN: HeimWall – Catch secrets before you paste them into Claude or Cursor", "summary": "HeimWall, a free macOS menu-bar app, detects secrets and personally identifiable information in AI prompts before they are sent to tools like Cursor, Claude Code, and Copilot, performing all scanning entirely on-device with no network egress. The app uses deterministic regex and an on-device classifier to flag credentials and PII, ensuring no data ever leaves the user's machine.", "body_md": "# Catch the secret *before it leaves* your Mac.\n\nThe free menu-bar app for individual developers. It flags secrets and PII in your AI prompts — in Cursor, Claude Code, and Copilot — entirely on your Mac. No account, no org, nothing sent anywhere.\n\nThe whole point\n\n**This app sends nothing, anywhere.** There is no account to create and no server to phone home to. Capture, detection, and the alert all happen on your Mac. Pull the network cable and it works exactly the same.\n\nWhat it catches\n\n## The stuff you never meant to paste.\n\nOne accidental paste from a .env file or a log is all it takes. The app watches the prompt as you write it and flags the things that shouldn’t go out.\n\n### Secrets, before you send them\n\nAWS access keys, GitHub tokens, private keys, JWTs, database URLs — 25+ hand-written rules for the credentials with hard shapes. The most common way a secret enters a prompt is a paste from a .env file; this catches it at the source.\n\n### PII you didn't mean to paste\n\nSSNs, credit-card numbers, and emails buried in a log or a stack trace you dropped into Cursor to debug. Flagged instantly, before the prompt is sent.\n\n### Across every AI tool you use\n\nCursor, Claude Code, Copilot — one menu-bar agent reads the composer itself, so it sees the prompt even when the tool talks straight to its own cloud. No per-tool setup.\n\nThe heavy lifting is deterministic regex — instant, explainable, and offline. A small pretrained classifier runs on-device as a fallback for fuzzier leaks. Either way, no model is ever trained on your prompts, because they are never collected.\n\nLocal-only, and we mean it\n\n## Nothing leaves your Mac.\n\nNot the prompt, not a redacted snippet, not a count. The entire loop lives on your machine — this is a claim we’ve audited, not a slogan.\n\nStep 1\n\nCapture\n\nReads the prompt as you write it — on-device, before the network.\n\nStep 2\n\nDetect\n\nScans for secrets and PII in under 50ms, entirely offline.\n\nStep 3\n\nFlag\n\nA soft toast at the source. Nothing is stored, nothing is sent.\n\nprompt scan toast dropped from memory\n\nNo account, no cloud\n\nYou never sign in. There is no backend to receive your data because the app has nothing to send.\n\nZero egress\n\n~15 MB, Rust + Tauri, under 150 MB RAM idle. Runs fully offline — the network is never touched.\n\nFree app vs. the team product\n\n## Same engine. This one sends nothing.\n\nThe team product is the exact same on-device agent, enrolled in an organization so a manager can see redacted signal — counts and masked snippets, never prompts. The free app skips all of that: it is not enrolled, so there is no uplink at all.\n\n### Everything stays local\n\nNo account, no org, no network. You type; it catches; the raw bytes are dropped from memory. Nothing is ever recorded or sent. Free forever.\n\n### Redacted signal, by consent\n\nThe same agent, joined to an org with one code. It uplinks redacted metadata so a manager sees a Safety Score and trends. Raw prompts still never leave the device. [For teams →](/#waitlist)\n\nCurious how the capture, detection, and redaction pipeline works under the hood? [See the full architecture →](/how-it-works)\n\nGet the free app\n\n## Download HeimWall for Mac.\n\nFree forever, no account. Signed and notarized by Apple, so it opens with a normal double-click — no security warnings to click through.\n\n[Download for Mac](/api/download)v0.0.5 · 3.9 MB · Apple Silicon · macOS 13+\n\nSigned & notarized · 100% on-device · no account, ever.\n\nOpen the DMG\n\nDrag HeimWall into your Applications folder.\n\nGrant Accessibility\n\nLaunch it once and allow Accessibility, so it can read the prompt box of your AI tools. Nothing ever leaves your Mac.\n\nYou're protected\n\nThe window shows Protected. Type a fake key into Cursor and watch it get flagged, redacted, on-device.\n\nOn an Intel Mac or Windows? [Get notified](/#waitlist) when your build is ready.", "url": "https://wpnews.pro/news/show-hn-heimwall-catch-secrets-before-you-paste-them-into-claude-or-cursor", "canonical_source": "https://heimwall.ai/individual", "published_at": "2026-07-16 20:27:20+00:00", "updated_at": "2026-07-16 20:55:10.499606+00:00", "lang": "en", "topics": ["ai-tools", "ai-safety", "ai-ethics", "developer-tools"], "entities": ["HeimWall", "Cursor", "Claude Code", "Copilot", "Apple"], "alternates": {"html": "https://wpnews.pro/news/show-hn-heimwall-catch-secrets-before-you-paste-them-into-claude-or-cursor", "markdown": "https://wpnews.pro/news/show-hn-heimwall-catch-secrets-before-you-paste-them-into-claude-or-cursor.md", "text": "https://wpnews.pro/news/show-hn-heimwall-catch-secrets-before-you-paste-them-into-claude-or-cursor.txt", "jsonld": "https://wpnews.pro/news/show-hn-heimwall-catch-secrets-before-you-paste-them-into-claude-or-cursor.jsonld"}}