[BUG] <system-reminder> can read sensitive selected text from .env files, no hooks available to protect our files
Resolved 💬 3 comments Opened Jan 23, 2026 by harli91 Closed Feb 27, 2026
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
sensitive selected text is available to claude
What Should Happen?
sensitive selected text should not be available to claude
Error Messages/Logs
Steps to Reproduce
- create .env file
- open the file in a ide
- add sensitive content to .env and then select it
- open claude
- ask it what is the value of the text that its selected
- it will display the sensitive value
Claude Model
None
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
2.1.17 (Claude Code)
Platform
Anthropic API
Operating System
Windows
Terminal/Shell
PowerShell
Additional Information
_No response_
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗