LOCAL PROXY · CLAUDE CODE · 0 TELEMETRY

The Privacy Proxy for Claude Code.
Work without
sending secrets.

A local privacy proxy that intercepts Claude Code prompts and masks API keys, tokens, and personal data before they leave your machine. ~0.02 ms on a typical prompt.

See live demo →
14 days freeNo cardGDPR-readyWindows · Linux · macOS coming soon
Powered by
// LIVE PROXY · INTERCEPT0.02ms
OUTGOING · MASKEDSAFE TO SEND
12DATABASE_URL="postgresql://admin:[redacted_pwd_01]
13STRIPE_KEY=[redacted_stripe_01]
14AWS_SECRET=[redacted_aws_01]
15USER_EMAIL=[redacted_pii_01]
Built for
Claude Code
Codex coming soon

Every prompt is a potential leak.

"I'm just asking it to refactor a function." And yet, Claude Code just uploaded your entire .env to the cloud.

You ask for help with that function. Your IDE loads the file. Which imports from a config module. Which your agent includes in context. Which contains your production database URL.

This is what gets sent to Claude right now, with no protection:

You can't watch every prompt. Your team can't either.

One .env in context. One secret in a comment. One moment of inattention. This is not a theoretical risk — it's happening in every coding session, right now.

POST · api.anthropic.com/v1/messagesUNFILTERED
→ full access to your AWS account
→ production database credentials
→ your entire payment processing (Stripe live)
→ your full codebase and org repos
→ user PII in logs and tests

One silent layer between you and the cloud.

TigerMole runs as a local proxy on your machine. Watch what happens to a real request: intercepted, scanned against 111 rules, masked in ~0.02 ms — and restored on the way back.

tigermole · intercept
INTERCEPT
Claude CodeYOUR MACHINE
LogoTigerMole127.0.0.1:9800restoring placeholders…
api.anthropic.comnever sees secrets
Traffic inspector 127.0.0.1:9800 -> api.anthropic.com
Local request
$ claude "fix the flaky payments test"
⎿ reading src/services/payments.ts · .env.production
Stays on your machine
Local decision
STRIPE_KEY=sk_live_51N3Hq8K4xR9Lp2vNwA007 · Stripe Secret Key
A007 / Stripe Secret Key
Placeholder sent
Outbound payload
POST api.anthropic.com/v1/messages
← 200 · STRIPE_KEY=[redacted_stripe_01]
✓ Restored locally — the secret never left your machine.
100% local

The proxy runs on your machine. Your code and secrets never reach TigerMole's servers.

Works offline

After activation it runs with no cloud dependency — just a license revalidation every 15 days.

~0.02 ms overhead

Masking adds a couple of milliseconds. You won't feel it in your workflow.

Local audit log

Every masking decision is logged on your machine — tamper-evident, optionally encrypted with your own key.

Try it yourself below ↓

Write what you'd send to Claude.
See what leaves your machine.

This runs in your browser with a subset of the same rule families Tigermole applies locally. Nothing is sent to any server.

tigermole · session
MASKING ACTIVE
// Your prompt to Claude CodeUNPROTECTED
TIGERMOLE
— ms
// What goes out to the cloudSAFE
# .env.production DATABASE_URL=[redacted_pg_url_01] STRIPE_KEY=[redacted_stripe_01] AWS_ACCESS_KEY=[redacted_aws_access_01] AWS_SECRET_KEY=[redacted_aws_secret_01] GITHUB_TOKEN=[redacted_github_01] ADMIN_EMAIL=[redacted_email_01]

111 rules. Compiled in. Zero configuration.

If it shouldn't leave your network, Tigermole catches it. Rules written in Rust, compiled into the binary. No remote updates, no telemetry.

CAT · IA
AI & API Keys

OpenAI · Anthropic/Claude · Google Gemini · Mistral · Cohere · Perplexity · Replicate · HuggingFace

sk-ant-…sk-…AIza…co-…
CAT · CLOUD
Cloud & Infrastructure

AWS · Azure · GCP · Terraform Cloud · HashiCorp Vault · DigitalOcean · Vercel · Netlify

AKIA…hvs.…do_…ya29…
CAT · DB
Databases & Connection Strings

PostgreSQL · MySQL · MongoDB · Redis · Elasticsearch · Supabase — full connection strings with embedded passwords

postgresql://mongodb+srv://redis://
CAT · DEVOPS
Code & DevOps

GitHub · GitLab · npm auth · PyPI · CircleCI · Jenkins · Bitbucket

CAT · PAYMENTS
Payments & Auth

Stripe · Twilio · SendGrid · OAuth secrets · JWT secrets · RSA/EC private keys

CAT · GDPR · ART. 4
Personal Data (GDPR Art. 4)

Email addresses · ID/passport numbers · Credit cards (Luhn-validated) · IBAN · SSN

PERFORMANCE
Sub-0.02 ms on a typical prompt

P50 0.02 ms · P95 0.03 ms on a typical prompt. P95 0.465 ms on clean text up to 64 KB. Measured per request in release.

P50 0.02ms · P95 0.03ms
0
5ms
ARCHITECTURE
Zero telemetry. Verifiable.

Your code and your prompts only travel to Anthropic — already masked. The only other connections are your license activation and its renewal against api.tigermole.com (which never include your code, prompts, or secrets) and a latency ping. Zero telemetry. Masking runs 100% on your machine.

0 telemetrymasking 100% local30-day offline grace

If something fails,
the request is blocked.
Never the other way around.

Most tools let data through when they're unsure. Tigermole does the opposite. If the masking engine fails for any reason — panic, timeout, parse error — the request is blocked entirely. It will never forward unmasked data. Ever. This is not a setting. Not a toggle. It's how it's built.

// engine.rs
match engine.mask(&payload) {
  Ok(safe)  => forward(safe).await,
  Err(_)   => reject_with_503(),
}

// covered by 47 explicit tests
// non-configurable. by design.
View all 111 detection rules

Built for security. Proven by design.

Zero trust in the tool. Full control for your security team.

Network surface
Zero telemetry. Verifiable.

Your code and your prompts only travel to Anthropic — already masked. The only other connections are your license activation and its periodic renewal against api.tigermole.com, which never include your code, prompts, or secrets. No telemetry. Masking runs entirely on your machine and keeps working offline for up to 30 days.

0 TELEMETRY · LOCAL MASKING
Failure mode
Fail-safe by default

If the masking engine encounters any error — panic, timeout, parse failure — the request is blocked, not forwarded. Your secrets don't leave even when something goes wrong. This behavior is covered by explicit tests and is not configurable.

FAIL-CLOSED · NON-CONFIGURABLE
Performance
Typical latency: 0.02 ms

P50 0.02 ms · P95 0.03 ms on a typical prompt. Clean text up to 64 KB reaches P95 0.465 ms. Secret-dense payloads are a separate workload and are documented.

P50 0.02 MS · P95 0.03 MS
Audit log
Cryptographic audit trail

Every log entry is chained with SHA-256 and, on Team plans, signed with ED25519 and optionally encrypted with your own X25519 key. Tamper-evident by design. Defensible under GDPR Article 32.

SHA-256 CHAIN · ED25519
Rule integrity
Rules compiled into the binary

All 111 detection rules ship compiled into the binary — no remote rule updates, nothing to misconfigure. Developers manage local allowlists for false positives; the rule set itself cannot be silently altered.

COMPILED-IN · LOCAL ALLOWLISTS

Every role has a reason to protect their prompts.

From individual developers to compliance teams.

CTOs & Security leads

One deploy. Tamper-evident audit logs included.

Ships via your existing toolchain — EXE / MSI · DEB. Structured audit logs, no extra process overhead.

Dev teams

Zero accidental key leaks.

The same compiled-in rules on every machine, invisible in daily work. Your most junior dev can't leak what never leaves the machine.

DPOs & Compliance teams

Tamper-evident logs for regulators.

Every masked event recorded with what, when, and why. Defensible documentation without building custom tooling.

Individual developers

Use AI freely on any codebase.

Even on client code. Stop second-guessing what landed in the model's context window.

Start free. Scale when you need it.

Try Individual free for 14 days. Team is purchased directly for 1 to 20 seats.

T-01
For solo developers
9,99€/ month
per user · monthly billing
  • 1 developer · 1 machine
  • 111 detection rules
  • Windows · Linux · macOS coming soon
  • Community support
SLA
T-03
For CTOs and compliance teams
Custom
volume pricing · >20 seats
  • Everything in Team
  • Custom detection rules
  • Custom volume-based pricing
  • Tailor-made app build with your branding and rules
  • SLA + dedicated support
  • Custom onboarding

You can't unsend a secret.
But you can make sure you never send one.

No card. No cloud account. No config changes.
Installed in 60 seconds.

WINDOWS 10+ · UBUNTU 20.04+ / DEBIAN 11+ · MACOS COMING SOON

Your privacy, your choice

We use essential storage to keep the site working and, only with your consent, analytics through PostHog and Google Analytics 4. We do not load advertising providers. Read our Privacy Policy.