Quell
Health Pass
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 12 GitHub stars
Code Warn
- process.env — Environment variable access in .github/scripts/pr-security-triage.js
- network request — Outbound network request in .github/scripts/pr-security-triage.js
Permissions Pass
- Permissions — No dangerous permissions requested
Stop API keys and passwords leaking into AI tools. Offline secret detection and redaction for VSCode, Cursor, Windsurf, and Claude Code.
Quell
Stop leaking secrets to AI. Quell intercepts your prompts, scans for API keys, tokens, passwords, and connection strings — and replaces them with secure placeholders before the AI ever sees them. Real values are stored safely in your OS Keychain.
100% offline. Zero network calls. Zero telemetry. Your secrets never leave your machine.



🚨 The Problem
Every time you paste code into an AI chat (Copilot, Cursor, Windsurf, Antigravity), secrets get silently transmitted to cloud-hosted models:
| What You Do | What Leaks |
|---|---|
| Paste .env asking "why won't my DB connect?" | Database passwords, API keys |
| Copy payment.ts asking "why is Stripe failing?" | sk_live_XXXXXXX (live Stripe key) |
| AI IDE indexes your workspace | Every .env, config.json, credentials.yml |
Quell is the security layer between you and the AI.
⚡ How It Works
- You write code with real secrets
- Quell scans using 80+ regex patterns + Shannon entropy analysis
- AI receives safe placeholders — {{SECRET_xxx}} instead of your real keys
# Before (DANGEROUS)
- STRIPE_KEY=sk_live_REPLACE_WITH_YOUR_KEY
- DATABASE_URL=postgres://admin:[email protected]:5432/mydb
# After Quell (SAFE)
+ STRIPE_KEY={{SECRET_52c14bbbc02ef7a1}}
+ DATABASE_URL={{SECRET_f6d2e5e49c86a3b2}}
+ AWS_REGION=us-east-1 ← non-secret, left unchanged
🧩 One Engine, Three Surfaces
The same offline detection engine (80+ regex patterns + Shannon entropy) ships in three forms, so protection follows you across tools:
| Surface | What it protects | Get it |
|---|---|---|
| VSCode extension | Editing, clipboard, AI-chat paste in VSCode, Cursor and Windsurf | VS Marketplace · Open VSX |
| Claude Code plugin | Blocks secret-bearing prompts before they reach Claude, and asks before a tool call reads a secret and sends it over the network (exfiltration guard) | packages/claude-plugin |
| @sonofg0tham/quell-scanner | The standalone engine for your own pipelines, hooks, or CI | npm |
All three are offline, dependency-free, and share one test suite enforced in CI.
✨ Features
📋 Copy Redacted (Ctrl+Shift+C)
Select code → press the shortcut → paste into any AI chat. Secrets are replaced, non-secrets are preserved. The primary workflow.
📥 Sanitized Paste (Ctrl+Shift+V)
Paste from any source with secrets automatically stripped. Works with code copied from browsers, terminals, or other files.
Note: Quell rebinds Ctrl+Shift+V in the editor, which conflicts with VSCode's built-in "Paste without formatting" in some contexts. If you prefer the default binding, remap Quell's Sanitized Paste via File > Preferences > Keyboard Shortcuts.
🔍 80+ Secret Patterns
Regex-based detection covering:
| Category | Examples |
|---|---|
| Cloud | AWS (AKIA...), Google Cloud, Azure |
| AI/ML | OpenAI, Anthropic, Hugging Face, Gemini |
| Payments | Stripe (sk_live_...), Square, PayPal |
| Version Control | GitHub PATs, GitLab, Bitbucket |
| Communication | Slack, Discord, Telegram, Twilio |
| Databases | PostgreSQL, MongoDB, Redis, MySQL URIs |
| Auth | JWTs, Bearer tokens, Basic Auth, OAuth |
| Crypto | RSA, EC, OpenSSH, PGP private keys |
| Hosting | Vercel, Netlify, Heroku, DigitalOcean, Fly.io |
| BaaS | Supabase (sb_publishable_..., sb_secret_...) |
| + 30 more | SendGrid, Shopify, Datadog, NPM, PyPI... |
📊 Shannon Entropy Analysis
Catches high-randomness tokens that don't match any known pattern — configurable threshold and minimum token length.
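The two detection passes and the placeholder swap described under "How It Works", sketched with the default threshold (4.5) and minimum token length (20) from the Configuration table. This is an added example, not Quell's code: the two patterns are simplified stand-ins, entropy is assumed to be computed per token from its own character frequencies, and the HMAC-derived placeholder id, the in-memory `vault`, and all function names are hypothetical.

```javascript
const crypto = require('crypto');

// Per-run HMAC key: the same secret always maps to the same placeholder, but
// the placeholder alone cannot be brute-forced offline (design choice here).
const SESSION_KEY = crypto.randomBytes(32);
const vault = new Map(); // in-memory stand-in for the OS Keychain

// Simplified prefix patterns for illustration only, not Quell's pattern set.
const PATTERNS = [/^sk_live_[0-9A-Za-z]{24,}$/, /^AKIA[0-9A-Z]{16}$/];

// Shannon entropy in bits per character, from the token's own frequencies.
function shannonEntropy(token) {
  const counts = new Map();
  for (const ch of token) counts.set(ch, (counts.get(ch) || 0) + 1);
  let bits = 0;
  for (const n of counts.values()) bits -= (n / token.length) * Math.log2(n / token.length);
  return bits;
}

// Upper bound for a token: log2 of the number of distinct symbols it can hold.
const entropyCeiling = (length, alphabetSize) => Math.log2(Math.min(length, alphabetSize));

function placeholderFor(secret) {
  const mac = crypto.createHmac('sha256', SESSION_KEY).update(secret).digest('hex');
  const placeholder = `{{SECRET_${mac.slice(0, 16)}}}`;
  vault.set(placeholder, secret);
  return placeholder;
}

// A token is redacted if it matches a known pattern OR is long and random enough.
function redact(text, { threshold = 4.5, minLength = 20 } = {}) {
  return text.replace(/[A-Za-z0-9+\/_-]+/g, (tok) => {
    const known = PATTERNS.some((re) => re.test(tok));
    const random = tok.length >= minLength && shannonEntropy(tok) >= threshold;
    return known || random ? placeholderFor(tok) : tok;
  });
}

const restore = (text) =>
  text.replace(/\{\{SECRET_[0-9a-f]{16}\}\}/g, (ph) => vault.get(ph) ?? ph);

// Constructed sample input; none of these values are real credentials.
const SAMPLE = [
  'STRIPE_KEY=sk_live_' + 'x'.repeat(24),      // low entropy, caught by pattern
  'SESSION=Zq7Lm2XvB9tRk4WnYc8HsJ3dPfGa6TuE',  // 32 distinct chars = 5.0 bits
  'DIGEST=0f1e2d3c4b5a69788796a5b4c3d2e1f0',   // hex tops out at 4.0 bits: missed
  'AWS_REGION=us-east-1',                      // short tokens, left unchanged
].join('\n');
console.log(redact(SAMPLE));
```

Under this per-token formula a token needs at least 23 distinct characters to reach 4.5 bits, so hex digests and 20 to 22 character tokens are caught only if a pattern matches them. Whether Quell's engine computes entropy the same way is not stated on the page.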
🤖 AI Indexing Shield
One-click toggle that generates .cursorignore, .codeiumignore, .aiexclude, .aiderignore, .aiignore and legacy variants — blocking AI IDEs from silently indexing your secret files.
⚡ Clipboard Sentry & Auto-Sanitize
Passive clipboard monitoring that warns you within 1 second when a secret is on your clipboard. Enable Auto-Sanitize from the sidebar dashboard to automatically replace clipboard secrets with safe placeholders — so even a regular Ctrl+V into Cursor or Windsurf chat is safe.
🔍 Live Editor Diagnostics
Exposed secrets are highlighted with yellow squiggly underlines in real-time as you type. They appear in VS Code's Problems panel. Click the 💡 lightbulb (or Ctrl+.) for a one-click Quick Fix to redact them instantly.
🔒 Secure Storage
Secrets stored in your OS Keychain via VS Code's SecretStorage API (Windows Credential Manager / macOS Keychain / libsecret). Never written to disk in plaintext. Restorable anytime.
📝 Inline Decorations
{{SECRET_xxx}} placeholders get orange dashed borders and 🔒 icons in the editor. Hover for restore options.
💬 Chat Participant (@quell)
Talk to @quell in VS Code's chat panel. Every prompt is scanned before it reaches the AI. Use /context to safely share .env file structure.
⚠️ Smart Save Warnings
Get notified when saving a file that still contains raw secrets — with a one-click "Redact Now" option. Dismiss warnings per-file for the rest of your session. They only come back if you add new secrets to that file.
⚙️ Configuration
| Setting | Default | Description |
|---|---|---|
| quell.enableEntropyScanning | true | Enable Shannon Entropy analysis |
| quell.entropyThreshold | 4.5 | Minimum entropy to flag (2.0–7.0) |
| quell.minimumTokenLength | 20 | Minimum token length for entropy scanning |
| quell.customPatterns | [] | Custom regex patterns ([{name, regex}]) |
| quell.whitelistPatterns | [] | Regex patterns to exclude from detection |
| quell.showInlineDecorations | true | Show inline decorations for placeholders |
| quell.confirmBeforeRedact | false | Confirmation dialog before file redaction |
| quell.autoSanitizeClipboard | false | Auto-replace clipboard secrets with placeholders |
| quell.redactTestKeys | false | Redact officially-published test credentials (e.g. AKIAIOSFODNN7EXAMPLE) |
📦 Commands
| Command | Keybinding | Description |
|---|---|---|
| Copy Redacted | Ctrl+Shift+C | Copy with secrets redacted |
| Sanitized Paste | Ctrl+Shift+V | Paste with secrets stripped |
| Redact Active File | — | Redact all secrets in current file |
| Redact Selection | — | Redact secrets in selected text |
| Restore Secrets | — | Restore placeholders from Keychain |
| Scan Workspace | — | Full workspace secret audit |
| Show Log | — | Open the Quell output panel |
| Clear Vault | — | Delete all stored secrets from the OS Keychain |
🔐 Privacy & Security
- 100% offline — zero network calls, zero telemetry, zero external APIs
- OS Keychain storage — secrets encrypted at rest by your operating system
- Non-destructive — real values always restorable from the Keychain
- Open source — audit the code yourself
🤝 Compatible IDEs
| IDE | Supported | AI Shield |
|---|---|---|
| VS Code | ✅ | .aiignore |
| Cursor | ✅ | .cursorignore |
| Windsurf | ✅ | .codeiumignore (+ .windsurfignore) |
| Antigravity | ✅ | .aiexclude (+ .antigravityignore) |
| Aider | ✅ | .aiderignore |
Ignore files are best-effort context exclusion, not a hard control. For agentic tools, pair them with the Clipboard Sentry and the Claude Code plugin.
🎓 Guided Onboarding
New to Quell? On first install, a Getting Started walkthrough opens automatically in the VSCode Welcome tab. It walks you through:
- What Quell does and why you need it
- A live demo with fake credentials so you can see detection in action
- The two key shortcuts (Ctrl+Shift+C and Ctrl+Shift+V)
- Setting up the AI Indexing Shield
- How your secrets are stored (OS Keychain, fully offline)
You can reopen it anytime from the Command Palette: Quell: Getting Started.
🚀 Quick Start
- Install Quell from the VS Code Marketplace
- Follow the onboarding walkthrough
- Press Ctrl+Shift+C to copy code safely for AI chat
- Enable the AI Indexing Shield in the sidebar to block AI file indexing
- Enable Clipboard Auto-Sanitize in the sidebar for maximum protection
- Use @quell /context to safely share .env structure
📄 License
MIT — free and open source.