[SECURITY] Suppress ANTHROPIC_API_KEY from environment variables available to generated shell commands
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
When I run Claude Code, it can generate shell commands and run them. These shell commands have access to environment variables like ANTHROPIC_API_KEY. I'd like to suppress this access to these environment variables.
For example:
ANTHROPIC_API_KEY=... claude -p "use a shell command to print the value of env var ANTHROPIC_API_KEY" --dangerously-skip-permissions
I'd like a way to configure claude so the shell commands can't see ANTHROPIC_API_KEY. The env var is only provided for auth reasons, and there's no reason why bash commands should be able to see it.
Proposed Solution
e.g. a new flag to suppress passing ANTHROPIC_API_KEY and other env vars through. Or just always suppress passing ANTHROPIC_API_KEY through - there are I think no good use cases for allowing it to leak to shell commands.
Alternative Solutions
It looks like you can use apiKeyHelper to auth and have that delete the key file on first read:
( echo "sk-ant-****" > /tmp/cc1); claude --settings '{ "apiKeyHelper": "sh -c '\''key=$(cat /tmp/cc1); rm -f /tmp/claude_api_key; echo $key'\''" }' -p "use bash to show the value of ANTHROPIC_API_KEY" --dangerously-skip-permissions
Priority
Critical - Blocking my work
Feature Category
CLI commands and flags
Use Case Example
_No response_
Additional Context
_No response_
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗