Docs / AI Safety Layer

AI Safety Layer

AI coding assistants read your project files to provide context-aware suggestions. This includes your .env file. The AI Safety Layer generates the right ignore files for each tool and provides a reference system that ensures AI tools never see real secret values.

The Problem

When you open a project in Cursor, Claude Code, or VS Code with Copilot enabled, the AI tool indexes files in your workspace. This context is what makes suggestions relevant — but it also means your .env file, MCP configs, and any file containing credentials can be read and sent to the AI vendor's servers.

Adding .env to .gitignore does not help — gitignore only affects git, not AI tooling.

slickenv ai protect

Generates four ignore files in one command — one for each major AI coding tool:

$ slickenv ai protect

✓ .cursorignore     created
✓ .claudeignore     created
✓ .copilotignore    created
✓ .aiexclude        created

AI tools can no longer read .env, .env.*, secret files, or MCP configs

Each file includes patterns that block .env, .env.*, *secret*, *credential*, *password*, MCP config files, SSH keys, and other high-risk file patterns.

Supported AI Tools

ToolIgnore FileNotes
Cursor.cursorignoreFollows .gitignore syntax
Claude Code.claudeignoreFollows .gitignore syntax
GitHub Copilot.copilotignoreFollows .gitignore syntax
Windsurf.aiexcludeCodeium-based tools
Continue.dev.aiexcludeOpen-source AI assistant

slickenv ai status

Check which tools are protected in the current project:

$ slickenv ai status

  Tool              Ignore File        Status
  Cursor            .cursorignore      ✓ Protected
  Claude Code       .claudeignore      ✓ Protected
  GitHub Copilot    .copilotignore     ✗ Not protected
  Windsurf          .aiexclude         ✗ Not protected

  Run slickenv ai protect to generate missing ignore files

The slickenv:// Reference System

For maximum protection, use slickenv:// placeholder references in your files instead of real values. Even if an AI tool reads a file containing references, it sees only safe placeholders — never the actual secrets.

# In your config or .env file — safe for AI tools to read:
DATABASE_URL=slickenv://DATABASE_URL
STRIPE_KEY=slickenv://STRIPE_KEY
OPENAI_API_KEY=slickenv://OPENAI_API_KEY

slickenv run

slickenv run resolves slickenv:// references at runtime and injects the real values into the child process environment. The values exist only in memory — never written to disk or printed to logs.

$ slickenv run -- node server.js
$ slickenv run -- npm run dev
$ slickenv run -- python manage.py runserver