Just encountered this: Claude Code DOES read all your secret, *.env, etc files by default, even if it's in the .gitignore
You can add deny read rules (~/.claude/settings.json):
"permissions": {
"deny": [
"Read(**/*.env*)",
"Read(**/*.pem)",
"Read(**/*.key)",
"Read(**/secrets/**)",
"Read(**/credentials/**)",
"Read(**/.aws/**)",
"Read(**/.ssh/**)",
"Read(**/docker-compose*.yml)",
"Read(**/config/database.yml)"
]
} 3 replies
0 recast
9 reactions
1 reply
0 recast
1 reaction
1 reply
0 recast
0 reaction