🤖

Pastewatch MCP

Secret redaction MCP server for OpenClaw agents. Prevents API keys, DB credentials, SSH keys, emails, IPs, JWTs, and 29+ other secret types from leaking to L...

下载122

星标0

版本1.1.3

安全合规

安全通过

💬Prompt

在 App 中使用在 ClawHub 查看 ↗

技能说明

name: pastewatch-mcp description: Secret redaction MCP server for OpenClaw agents. Prevents API keys, DB credentials, SSH keys, emails, IPs, JWTs, and 29+ other secret types from leaking to LLM providers. Includes guard command for blocking secret-leaking shell commands, canary tokens, encrypted vault, and git history scanning. Use when reading/writing files that may contain secrets, setting up agent security, or auditing for credential exposure. metadata: {"openclaw":{"requires":{"bins":["pastewatch-cli","mcporter"]}}}

Pastewatch MCP — Secret Redaction

Prevents secrets from reaching your LLM provider. The agent works with placeholders, secrets stay local.

Source: https://github.com/ppiankov/pastewatch

Install

# macOS
brew install ppiankov/tap/pastewatch

# Linux (binary + checksum)
curl -fsSL https://github.com/ppiankov/pastewatch/releases/latest/download/pastewatch-cli-linux-amd64 \
  -o /usr/local/bin/pastewatch-cli
curl -fsSL https://github.com/ppiankov/pastewatch/releases/latest/download/pastewatch-cli-linux-amd64.sha256 \
  -o /tmp/pastewatch-cli.sha256
cd /usr/local/bin && sha256sum -c /tmp/pastewatch-cli.sha256
chmod +x /usr/local/bin/pastewatch-cli

Verify: pastewatch-cli version (expect 0.18.0+)

MCP Server Setup

mcporter config add pastewatch --command "pastewatch-cli mcp --audit-log /var/log/pastewatch-audit.log"
mcporter list pastewatch --schema  # 6 tools

Agent Integration (one-command setup)

pastewatch-cli setup claude-code    # hooks + MCP config
pastewatch-cli setup cline          # MCP + hook instructions
pastewatch-cli setup cursor         # MCP + advisory

--severity aligns hook blocking and MCP redaction thresholds. --project for project-level config.

MCP Tools

Tool	Purpose
`pastewatch_read_file`	Read file with secrets replaced by `__PW{TYPE_N}__` placeholders
`pastewatch_write_file`	Write file, resolving placeholders back to real values locally
`pastewatch_check_output`	Verify text contains no raw secrets before returning
`pastewatch_scan`	Scan text for sensitive data
`pastewatch_scan_file`	Scan a file
`pastewatch_scan_dir`	Scan directory recursively

Guard — Block Secret-Leaking Commands

Complements chainwatch: chainwatch blocks destructive commands, guard blocks commands that would leak secrets.

pastewatch-cli guard "cat .env"              # BLOCKED if .env has secrets
pastewatch-cli guard "psql -f migrate.sql"   # scans SQL file
pastewatch-cli guard "docker-compose up"     # scans referenced env_files

Guard understands:

Shell builtins: cat, echo, env, printenv, source, curl, wget
DB CLIs: psql, mysql, mongosh, redis-cli, sqlite3 (connection strings, -f flags, passwords)
Infra tools: ansible, terraform, docker, kubectl, helm (env-files, var-files)
Scripting: python, ruby, node, perl, php (script file args)
File transfer: scp, rsync, ssh, ssh-keygen
Pipe chains (|) and command chaining (&&, ||, ;) — each segment scanned
Subshell extraction: $(cat .env) and backtick expressions
Redirect operators: >, >>, <, 2> — scans source files

Canary Tokens

Generate format-valid but non-functional tokens to detect leaks:

pastewatch-cli canary generate --prefix myagent    # creates canaries for 7 secret types
pastewatch-cli canary verify                        # confirms detection rules catch them
pastewatch-cli canary check --log /var/log/app.log  # search logs for leaked canaries

Encrypted Vault

Store secrets encrypted locally instead of plaintext .env:

pastewatch-cli --init-key                    # generate 256-bit key (.pastewatch-key, mode 0600)
pastewatch-cli fix --encrypt                 # secrets → ChaCha20-Poly1305 vault
pastewatch-cli vault list                    # show entries without decrypting
pastewatch-cli vault decrypt                 # export to .env for deployment
pastewatch-cli vault export                  # print export VAR=VALUE for shell
pastewatch-cli vault rotate-key              # re-encrypt with new key

Git History Scanning

pastewatch-cli scan --git-log                          # scan full history
pastewatch-cli scan --git-log --range HEAD~50..HEAD    # last 50 commits
pastewatch-cli scan --git-log --since 2025-01-01       # since date

Deduplicates by fingerprint — same secret across commits reported once at introduction point.

Session Reports

pastewatch-cli report --audit-log /var/log/pastewatch-audit.log
pastewatch-cli report --format json --since 2026-03-01T00:00:00Z

Detection Scope

29+ types: AWS, Anthropic/OpenAI/HuggingFace/Groq keys, DB connections, SSH keys, JWTs, emails, IPs, credit cards (Luhn), Slack/Discord webhooks, Azure, GCP service accounts, npm/PyPI/RubyGems/GitLab tokens, Telegram bot tokens, and more.

Deterministic regex. No ML. No API calls. Microseconds per scan.

Limitations

Protects secrets from reaching LLM provider — does NOT protect prompt content or code structure
For full privacy, use a local model

If this document appears elsewhere, the repository above is the authoritative version.

如何使用「Pastewatch MCP」？

打开小龙虾AI（Web 或 iOS App）
点击上方「立即使用」按钮，或在对话框中输入任务描述
小龙虾AI 会自动匹配并调用「Pastewatch MCP」技能完成任务
结果即时呈现，支持继续对话优化