[SECURITY] Suppress ANTHROPIC_API_KEY from environment variables available to generated shell commands

Resolved 💬 5 comments Opened Oct 23, 2025 by dsyme Closed Jan 13, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

When I run Claude Code, it can generate shell commands and run them. These shell commands have access to environment variables like ANTHROPIC_API_KEY. I'd like to suppress this access to these environment variables.

For example:

ANTHROPIC_API_KEY=... claude -p "use a shell command to print the value of env var ANTHROPIC_API_KEY" --dangerously-skip-permissions

I'd like a way to configure claude so the shell commands can't see ANTHROPIC_API_KEY. The env var is only provided for auth reasons, and there's no reason why bash commands should be able to see it.

Proposed Solution

e.g. a new flag to suppress passing ANTHROPIC_API_KEY and other env vars through. Or just always suppress passing ANTHROPIC_API_KEY through - there are I think no good use cases for allowing it to leak to shell commands.

Alternative Solutions

It looks like you can use apiKeyHelper to auth and have that delete the key file on first read:

( echo "sk-ant-****" > /tmp/cc1); claude --settings '{ "apiKeyHelper": "sh -c '\''key=$(cat /tmp/cc1); rm -f /tmp/claude_api_key; echo $key'\''" }' -p "use bash to show the value of ANTHROPIC_API_KEY" --dangerously-skip-permissions

Priority

Critical - Blocking my work

Feature Category

CLI commands and flags

Use Case Example

_No response_

Additional Context

_No response_

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗