Pastewatch MCP — Secret Redaction

Prevents secrets from reaching your LLM provider. The agent works with placeholders, secrets stay local.

Source: https://github.com/ppiankov/pastewatch

Install

CODEBLOCK0

Verify: pastewatch-cli version (expect 0.24.1+)

MCP Server Setup

CODEBLOCK1

Severity threshold: pastewatch-cli mcp --min-severity medium or set mcpMinSeverity in .pastewatch.json.

Agent Integration (one-command setup)

CODEBLOCK2

INLINECODE4 aligns thresholds. --project for project-level config. Idempotent — safe to re-run.

MCP Tools

Tool	Purpose
INLINECODE6	Read file with secrets replaced by placeholders
INLINECODE7

Placeholder format: __PW_TYPE_N__ (changed from __PW{TYPE_N}__ in v0.19.7 for LLM proxy compatibility). Configurable via placeholderPrefix.

API Proxy — Last Line of Defense

Catches secrets from sub-agents that bypass hooks and MCP. Sits between your agent and the LLM provider, scanning all outbound requests.

v0.24.0+: Alert injection — when secrets are redacted, a [PASTEWATCH] alert is prepended to the API response so the agent gets immediate feedback. Disable with --no-alert.

CODEBLOCK3

Detected Secret Types (36)

Includes: AWS, Anthropic, OpenAI, Groq, Perplexity, Hugging Face, Workledger (wl_sk_), Oracul (vc_*_), npm, PyPI, RubyGems, GitLab, Telegram Bot, SendGrid, Shopify, DigitalOcean, Slack/Discord webhooks, Azure connections, GCP service accounts, SSH keys, JWTs, JDBC URLs, XML credentials, DB connections, emails, IPs, cards, and more.

Proxy + Chainwatch Chain (recommended for OpenClaw)

Stack both proxies for defense-in-depth:

CODEBLOCK4

Setup as systemd services:

CODEBLOCK5

Rollback: Stop pastewatch-proxy, revert chainwatch --upstream to https://api.anthropic.com, restart chainwatch.

Guard — Block Secret-Leaking Commands

CODEBLOCK6

Covers: shell builtins, DB CLIs (psql/mysql/mongosh/redis-cli/sqlite3), infra tools (ansible/terraform/docker/kubectl/helm), scripting (python/ruby/node/perl/php), file transfer (scp/rsync/ssh), pipe chains, subshells, redirects.

File Watcher

CODEBLOCK7

Canary Tokens

CODEBLOCK8

Encrypted Vault

CODEBLOCK9

Git History Scanning

CODEBLOCK10

Deduplicates by fingerprint. Output: text, json, sarif, markdown.

Org Posture Scanning

CODEBLOCK11

Dashboard & Reports

CODEBLOCK12

Configuration

CODEBLOCK13

Config cascade: /etc/pastewatch/config.json (admin) > project .pastewatch.json > ~/.config/pastewatch/config.json.

Features: sensitiveHosts, sensitiveIPPrefixes, xmlSensitiveTags, mcpMinSeverity, placeholderPrefix.

Detection Scope

30+ types: AWS keys/secrets, Anthropic/OpenAI/HuggingFace/Groq/Perplexity keys, DB connections, JDBC URLs, SSH keys, JWTs, emails, IPs, credit cards (Luhn), Slack/Discord webhooks, Azure, GCP service accounts, npm/PyPI/RubyGems/GitLab tokens, Telegram bot tokens, XML credentials, and more.

Gitignore-aware scanning (v0.21.0+). Deterministic regex. No ML. No API calls.

Limitations

- Protects secrets from reaching LLM provider — does NOT protect prompt content or code structure
For full privacy, use a local model

This tool follows the Agent-Native CLI Convention. Validate with: INLINECODE29

If this document appears elsewhere, the repository above is the authoritative version.

技能名称: pastewatch-mcp

详细描述:

Pastewatch MCP — 秘密信息脱敏

防止机密信息泄露到您的LLM提供商。代理使用占位符工作，机密信息保留在本地。

来源： https://github.com/ppiankov/pastewatch

安装

bash

macOS

brew install ppiankov/tap/pastewatch

Linux（二进制文件 + 校验和）

curl -fsSL https://github.com/ppiankov/pastewatch/releases/latest/download/pastewatch-cli-linux-amd64 \ -o /usr/local/bin/pastewatch-cli curl -fsSL https://github.com/ppiankov/pastewatch/releases/latest/download/pastewatch-cli-linux-amd64.sha256 \ -o /tmp/pastewatch-cli.sha256 cd /usr/local/bin && sha256sum -c /tmp/pastewatch-cli.sha256 chmod +x /usr/local/bin/pastewatch-cli

验证：pastewatch-cli version（预期版本 0.24.1+）

MCP 服务器设置

bash
mcporter config add pastewatch --command pastewatch-cli mcp --audit-log /var/log/pastewatch-audit.log
mcporter list pastewatch --schema # 6 个工具

严重性阈值： pastewatch-cli mcp --min-severity medium 或在 .pastewatch.json 中设置 mcpMinSeverity。

代理集成（一键设置）

bash
pastewatch-cli setup claude-code # 钩子 + MCP + CLAUDE.md 片段 + 医生检查
pastewatch-cli setup cline # MCP + 钩子指令
pastewatch-cli setup cursor # MCP + 建议

--severity 对齐阈值。--project 用于项目级配置。幂等性——可安全重复运行。

MCP 工具

工具	用途
pastewatchreadfile	读取文件，机密信息替换为占位符
pastewatchwritefile

占位符格式： PWTYPEN（在 v0.19.7 中从 PW{TYPE_N} 更改，以兼容 LLM 代理）。可通过 placeholderPrefix 配置。

API 代理 — 最后一道防线

捕获来自绕过钩子和 MCP 的子代理的机密信息。位于您的代理和 LLM 提供商之间，扫描所有出站请求。

v0.24.0+：警报注入 — 当机密信息被脱敏时，[PASTEWATCH] 警报会被添加到 API 响应前面，以便代理立即获得反馈。使用 --no-alert 禁用。

bash
pastewatch-cli proxy # 扫描所有出站 API 请求
pastewatch-cli proxy --port 9998 --upstream https://api.anthropic.com
pastewatch-cli proxy --port 9998 --upstream https://api.anthropic.com --no-alert # 静默脱敏
pastewatch-cli proxy --forward-proxy http://corporate:8080 # 与企业代理链式连接
pastewatch-cli proxy --severity medium --audit-log /var/log/pastewatch-proxy.log

检测到的机密类型（36 种）

包括：AWS、Anthropic、OpenAI、Groq、Perplexity、Hugging Face、Workledger（wlsk）、Oracul（vc*）、npm、PyPI、RubyGems、GitLab、Telegram Bot、SendGrid、Shopify、DigitalOcean、Slack/Discord Webhook、Azure 连接、GCP 服务账户、SSH 密钥、JWT、JDBC URL、XML 凭据、数据库连接、电子邮件、IP、信用卡等。

代理 + Chainwatch 链（推荐用于 OpenClaw）

堆叠两个代理以实现纵深防御：

OpenClaw → chainwatch:9999（策略） → pastewatch:9998（机密信息） → api.anthropic.com

设置为 systemd 服务：

bash

1. Pastewatch 代理（先启动）

cat > /etc/systemd/system/pastewatch-proxy.service << EOF
[Unit]
Description=Pastewatch API 代理（机密信息脱敏）
After=network-online.target
Before=chainwatch-intercept.service
[Service]
Type=simple
ExecStart=/usr/local/bin/pastewatch-cli proxy \
--port 9998 --upstream https://api.anthropic.com \
--severity high --audit-log /var/log/pastewatch-proxy.log
Restart=always
RestartSec=3
MemoryMax=128M
[Install]
WantedBy=multi-user.target
EOF

2. 更新 chainwatch 以转发到 pastewatch（而非直接 Anthropic）

将 --upstream 从 https://api.anthropic.com 更改为 http://localhost:9998

3. 启用并启动

systemctl daemon-reload systemctl enable pastewatch-proxy systemctl start pastewatch-proxy systemctl restart chainwatch-intercept

回滚： 停止 pastewatch-proxy，将 chainwatch 的 --upstream 恢复为 https://api.anthropic.com，重启 chainwatch。

防护 — 阻止泄露机密的命令

bash
pastewatch-cli guard cat .env # 如果 .env 有机密信息则阻止
pastewatch-cli guard psql -f migrate.sql # 扫描 SQL 文件
pastewatch-cli guard docker-compose up # 扫描 env_files

涵盖：Shell 内置命令、数据库 CLI（psql/mysql/mongosh/redis-cli/sqlite3）、基础设施工具（ansible/terraform/docker/kubectl/helm）、脚本（python/ruby/node/perl/php）、文件传输（scp/rsync/ssh）、管道链、子 Shell、重定向。

文件监视器

bash
pastewatch-cli watch . # 持续监控，实时检测

蜜罐令牌

bash
pastewatch-cli canary generate --prefix myagent
pastewatch-cli canary verify
pastewatch-cli canary check --log /var/log/app.log

加密保险库

bash
pastewatch-cli --init-key # 256 位密钥，权限模式 0600
pastewatch-cli fix --encrypt # → ChaCha20-Poly1305 保险库
pastewatch-cli vault list | decrypt | export | rotate-key

Git 历史扫描

bash
pastewatch-cli scan --git-log
pastewatch-cli scan --git-log --range HEAD~50..HEAD --since 2025-01-01

按指纹去重。输出格式：文本、json、sarif、markdown。

组织态势扫描

bash
pastewatch-cli posture --org ppiankov # 扫描组织/用户中的所有仓库
pastewatch-cli posture --repos org/repo1,org/repo2
pastewatch-cli posture --compare previous.json # 趋势跟踪
pastewatch-cli posture --findings-only # 隐藏干净的仓库

仪表盘与报告

bash
pastewatch-cli dashboard # 跨会话聚合
pastewatch-cli report --audit-log /var/log/pastewatch-audit.log
pastewatch-cli report --format json --since 2026-03-01T00:00:00Z

配置

bash
pastewatch-cli init # 生成 .pastewatch.json
pastewatch-cli init --profile banking # 企业级：JDBC、RFC 1918 IP、服务账户
pastewatch-cli config # 显示已解析的配置
pastewatch-cli doctor # 健康检查

配置级联：/etc/pastewatch/config.json（管理员）> 项目 .pastewatch.json > ~/.config/pastewatch/config.json。

功能：sensitiveHosts、sensitiveIPPrefixes、xmlSensitiveTags、mcpMinSeverity、placeholderPrefix。

检测范围

30 多种类型：AWS 密钥/机密、Anthropic/OpenAI/HuggingFace/Groq/Perplexity 密钥、数据库连接、JDBC URL、SSH 密钥、JWT、电子邮件、IP、信用卡（Luhn 算法）、Slack/Discord Webhook、Azure、GCP 服务账户、

pastewatch-mcp秘密编辑MCP服务器

pastewatch-mcp

Pastewatch MCP — Secret Redaction

Install

MCP Server Setup

Agent Integration (one-command setup)

MCP Tools

API Proxy — Last Line of Defense

Detected Secret Types (36)

Proxy + Chainwatch Chain (recommended for OpenClaw)

Guard — Block Secret-Leaking Commands

File Watcher

Canary Tokens

Encrypted Vault

Git History Scanning

Org Posture Scanning

Dashboard & Reports

Configuration

Detection Scope

Limitations

Pastewatch MCP — 秘密信息脱敏

安装

macOS

Linux（二进制文件 + 校验和）

MCP 服务器设置

代理集成（一键设置）

MCP 工具

API 代理 — 最后一道防线

检测到的机密类型（36 种）

代理 + Chainwatch 链（推荐用于 OpenClaw）

1. Pastewatch 代理（先启动）

2. 更新 chainwatch 以转发到 pastewatch（而非直接 Anthropic）

将 --upstream 从 https://api.anthropic.com 更改为 http://localhost:9998

3. 启用并启动

防护 — 阻止泄露机密的命令

文件监视器

蜜罐令牌

加密保险库

Git 历史扫描

组织态势扫描

仪表盘与报告

配置

检测范围

标签

通过对话安装

方式一：安装 SkillHub 和技能

方式二：设置 SkillHub 为优先技能安装源

通过命令行安装

下载

相关推荐

self-improvement

self-improvement

self-improvement

self-improvement