A code-review tool is an upload tool. When CommitBrief sends your diff to an LLM for review, every line in that diff leaves your machine — including the access key you pasted in while debugging an hour ago and forgot to pull back out. So before the diff goes anywhere, a scanner runs over it. This post is the design of that scanner, because the obvious version of it has at least three ways to make things worse.

TL;DR

A pre-send scanner runs over the diff before any provider call. Eight built-in credential patterns; you can add your own.

It records {line, pattern-name} and never the matched secret — the thing built to stop a leak can't become one.

It scans added lines only: it catches what you're about to ship, not what's already on disk.
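
An added sketch of the behaviour summarized above, not CommitBrief's own code: it walks a git-format unified diff, scans only the added lines, and records file, line number and pattern name without ever storing the matched text. The two patterns, the `scan_diff` name and the sample diff are assumptions constructed for illustration; the tool's eight built-in patterns are not listed here.

```python
import re

# Illustrative patterns only (assumption); not the tool's built-in set.
PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-header": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
}
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")


def scan_diff(diff_text):
    """Return [{file, line, pattern}] for added lines; matched text is never kept."""
    findings, path, new_line, in_hunk = [], None, 0, False
    for raw in diff_text.splitlines():
        m = HUNK.match(raw)
        if m:
            # Hunk header gives the starting line number in the new file.
            new_line, in_hunk = int(m.group(1)), True
        elif raw.startswith("diff --git "):
            in_hunk = False  # next file's headers follow
        elif not in_hunk:
            if raw.startswith("+++ "):
                path = raw[4:].removeprefix("b/")
        elif raw.startswith("+"):
            for name, rx in PATTERNS.items():
                if rx.search(raw[1:]):
                    # Only the location and pattern name are recorded.
                    findings.append({"file": path, "line": new_line, "pattern": name})
            new_line += 1
        elif raw.startswith(" ") or raw == "":
            new_line += 1  # context line advances the new-file counter
        # "-" lines and "\ No newline" markers consume no new-file line
    return findings


# Constructed sample; the key is AWS's published documentation placeholder.
SAMPLE_DIFF = """\
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -10,3 +10,4 @@ def load():
     region = "eu-west-1"
-    key = "AKIAIOSFODNN7EXAMPLE"
+    key = os.environ["AWS_KEY"]
+    backup_key = "AKIAIOSFODNN7EXAMPLE"
     return region, key
"""

if __name__ == "__main__":
    print(scan_diff(SAMPLE_DIFF))
```

The removed line carries the same placeholder key but produces no finding, because only `+` lines are scanned.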