What Can AI See About You Right Now? I Built a Scanner to Find Out

Published: (March 4, 2026 at 03:41 PM EST)
3 min read
Source: Dev.to

The Uncomfortable Truth

Right now, on the machine you are reading this on, there are probably dozens of secrets sitting in plain sight.

  • Your OPENAI_API_KEY is set as an environment variable — visible to every process you run.
  • Your ~/.aws/credentials file has your AWS access key in cleartext.
  • There is an SSH private key in ~/.ssh/id_rsa that has no passphrase.
  • You have three .env files across various project directories, each with database credentials and tokens.
  • Your clipboard may still have an API key you copied an hour ago.

Now ask yourself: if an AI assistant running locally on your machine wanted to read all of this, could it?
The answer is almost certainly yes.

I built shadowscan to make this concrete. Run one command. See exactly what an AI — or any process running as you — can read right now.

What shadowscan does

shadowscan is a local security scanner. It checks eight categories of exposure and generates a risk‑rated report. Zero network calls. All findings stay on your machine. Secret values are always redacted.

SHADOW SCAN REPORT
==================
[CRITICAL]  ~/.aws/credentials — AWS access key found
[HIGH]      ENV: OPENAI_API_KEY — API key exposed to all child processes  (sk-a****)
[HIGH]      ~/.ssh/id_rsa — Unencrypted SSH private key
[MEDIUM]    Dotenv file found: /home/user/project/.env — review manually
[LOW]       Clipboard — empty

Overall risk: CRITICAL  |  Findings: 5
Run 'shadowscan explain ' for details and fix instructions.

The (sk-a****) redaction format shows the first four characters followed by ****. You see enough to identify the key, never enough to use it.

The eight scan categories

Category    What it checks
---------   ---------------------------------------------------------------------------------
env         Environment variables matching secret patterns (*KEY*, *TOKEN*, *SECRET*, *PASSWORD*, …)
creds       ~/.aws/credentials, ~/.netrc, ~/.pypirc, ~/.npmrc
ssh         ~/.ssh/id_* — unencrypted private keys
dotenv      .env files in the current directory and home (up to 2 levels deep)
clipboard   Clipboard content — detects secrets via heuristics
mcp         Claude and Cursor MCP config files for embedded API keys
git         Last 50 commits for accidentally committed secrets
tmp         Files in /tmp/ with sensitive‑sounding names

The MCP config scanner often surprises people. If you use Claude Desktop or Cursor, your MCP configuration file may contain API keys embedded directly in the JSON. Most developers set those up once and never think about them again.

How it works under the hood

Every scanner inherits from a single abstract base class:

from abc import ABC, abstractmethod
from shadowscan.models import Finding

class BaseScanner(ABC):
    """All scanners must inherit from this and implement scan()."""

    @abstractmethod
    def scan(self) -> list[Finding]:
        """Run the scanner and return a list of findings."""
        ...

    def redact(self, value: str) -> str:
        """Return first 4 characters of value followed by '****'."""
        if len(value) < 4:
            return "****"
        return value[:4] + "****"
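To show what a concrete scanner built on that contract looks like, here is an added example (not shadowscan's own code) implementing two of the eight categories from the table, env and ssh, together with the risk roll-up behind the "Overall risk" line of the report. The real shadowscan.models.Finding is not shown on the page, so a minimal dataclass stands in for it, and BaseScanner is re-declared so the file runs alone. Both scanners take their inputs as plain mappings so the sample runs offline against constructed data instead of your real environment or ~/.ssh. The ssh check goes a step beyond the post's description: for OpenSSH-format keys it decodes the first bytes of the base64 body, where the openssh-key-v1 header stores the cipher name, and treats a cipher of "none" as unencrypted; legacy PEM keys are judged by the Proc-Type: 4,ENCRYPTED header.

```python
import base64
import re
import struct
from abc import ABC, abstractmethod
from dataclasses import dataclass
from typing import Mapping, Optional

# Stand-in for shadowscan.models.Finding; its real fields are not on the page (assumed shape).
@dataclass(frozen=True)
class Finding:
    severity: str       # one of LOW, MEDIUM, HIGH, CRITICAL
    category: str       # env, ssh, creds, ...
    location: str       # where it was found, e.g. "ENV: OPENAI_API_KEY"
    message: str
    redacted: str = ""  # redacted preview of the value, never the value itself

SEVERITY_ORDER = ["LOW", "MEDIUM", "HIGH", "CRITICAL"]

class BaseScanner(ABC):
    """Same contract as the page's BaseScanner, re-declared so this file runs stand-alone."""

    @abstractmethod
    def scan(self) -> list[Finding]:
        ...

    def redact(self, value: str) -> str:
        """First 4 characters followed by '****'; short values are fully masked."""
        if len(value) < 4:
            return "****"
        return value[:4] + "****"

# Variable names worth a look (mirrors the *KEY*, *TOKEN*, *SECRET*, *PASSWORD* patterns).
SECRET_NAME = re.compile(r"KEY|TOKEN|SECRET|PASSW(OR)?D", re.IGNORECASE)
# Prefixes of well-known credential formats; a value with one of these is rated HIGH.
KNOWN_PREFIXES = ("sk-", "AKIA", "ghp_", "xoxb-", "glpat-")

class EnvScanner(BaseScanner):
    """Flags environment variables whose name suggests a secret and whose value is non-trivial."""

    def __init__(self, environ: Mapping[str, str]):
        self.environ = environ  # injected, so the scan is testable without reading os.environ

    def scan(self) -> list[Finding]:
        findings = []
        for name, value in sorted(self.environ.items()):
            if not SECRET_NAME.search(name) or len(value) < 8:
                continue  # empty or placeholder values are not an exposure
            sev = "HIGH" if value.startswith(KNOWN_PREFIXES) else "MEDIUM"
            findings.append(Finding(sev, "env", f"ENV: {name}",
                                    "secret-looking variable inherited by every child process",
                                    self.redact(value)))
        return findings

def openssh_cipher(pem_text: str) -> Optional[str]:
    """Cipher name recorded in an OpenSSH private key; 'none' means no passphrase.

    The decoded body begins with the magic 'openssh-key-v1\\0' followed by a
    length-prefixed cipher name, so only the first few bytes are needed.
    """
    body = "".join(ln for ln in pem_text.splitlines() if not ln.startswith("-----"))
    raw = base64.b64decode(body)
    magic = b"openssh-key-v1\x00"
    off = len(magic)
    if not raw.startswith(magic) or len(raw) < off + 4:
        return None
    (n,) = struct.unpack(">I", raw[off:off + 4])
    return raw[off + 4:off + 4 + n].decode("ascii", "replace")

class SshKeyScanner(BaseScanner):
    """Rates private-key files by whether they are passphrase-protected."""

    def __init__(self, keys: Mapping[str, str]):
        self.keys = keys  # path -> file contents (in-memory here instead of reading ~/.ssh)

    def scan(self) -> list[Finding]:
        findings = []
        for path, text in self.keys.items():
            if "PRIVATE KEY-----" not in text:
                continue
            if "BEGIN OPENSSH PRIVATE KEY" in text:
                encrypted = openssh_cipher(text) not in (None, "none")
            else:
                encrypted = "Proc-Type: 4,ENCRYPTED" in text  # legacy PEM marker
            if encrypted:
                findings.append(Finding("LOW", "ssh", path, "Passphrase-protected private key"))
            else:
                findings.append(Finding("HIGH", "ssh", path, "Unencrypted SSH private key"))
        return findings

def overall_risk(findings: list[Finding]) -> str:
    """The report's headline risk is simply the highest severity present."""
    if not findings:
        return "NONE"
    return max((f.severity for f in findings), key=SEVERITY_ORDER.index)

def render_report(findings: list[Finding]) -> str:
    lines = ["SHADOW SCAN REPORT", "=================="]
    for f in sorted(findings, key=lambda f: -SEVERITY_ORDER.index(f.severity)):
        tail = f"  ({f.redacted})" if f.redacted else ""
        lines.append(f"[{f.severity}]".ljust(11) + f"{f.location} - {f.message}{tail}")
    lines.append(f"\nOverall risk: {overall_risk(findings)}  |  Findings: {len(findings)}")
    return "\n".join(lines)

# Constructed sample inputs: a fake environment and two synthetic key files.
SAMPLE_ENV = {
    "OPENAI_API_KEY": "sk-a" + "x" * 40,  # fake key, constructed
    "DB_PASSWORD": "hunter2hunter2",
    "GPG_TTY": "/dev/pts/0",
    "EMPTY_TOKEN": "",
}
_unencrypted_header = b"openssh-key-v1\x00" + struct.pack(">I", 4) + b"none"
SAMPLE_KEYS = {
    "~/.ssh/id_ed25519": "-----BEGIN OPENSSH PRIVATE KEY-----\n"
                         + base64.b64encode(_unencrypted_header).decode()
                         + "\n-----END OPENSSH PRIVATE KEY-----\n",
    "~/.ssh/id_rsa": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                     "DEK-Info: AES-128-CBC,00\n\nAAAA\n-----END RSA PRIVATE KEY-----\n",
}

def run_sample() -> list[Finding]:
    return EnvScanner(SAMPLE_ENV).scan() + SshKeyScanner(SAMPLE_KEYS).scan()

if __name__ == "__main__":
    print(render_report(run_sample()))
```

Against the constructed inputs this yields four findings and an overall risk of HIGH: the OPENAI_API_KEY value is reported as sk-a**** exactly as in the post's sample report, DB_PASSWORD is rated MEDIUM because its value has no recognised prefix, EMPTY_TOKEN is skipped as empty, the OpenSSH key with cipher "none" is HIGH, and the passphrase-protected legacy PEM key is LOW.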