Even with an explicit steering prompt to not reading .env file, Claude would still occasionally read or even update the file. To make sure it will not read the file, you need to add it to deny list in .claude/setting.local.json { “permissions”: { “deny”: [ “Read(./.env)”, “Read(./.env.*)”, “Read(./secrets/**)” ] } } Ref: https://code.claude.com/docs/en/settings submitted by /u/theyoike
Originally posted by u/theyoike on r/ClaudeCode
You must log in or # to comment.