Tatu: Open-source security layer for Claude Code blocks secrets and destructive commands

OpenClawRadar | Published: April 17, 2026

What Tatu does

Tatu is an open-source security layer built specifically for Claude Code. It functions as a hook system that intercepts every Claude Code action in real time before execution.

Key security features

  • Blocks leaked secrets (like AWS keys written to config files)
  • Flags PII (personally identifiable information)
  • Denies destructive commands (such as 'rm -rf' in wrong directories)
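
To make the interception model concrete, here is an added example (not Tatu's code) of a Claude Code PreToolUse hook, which receives the pending tool call as JSON on stdin and blocks it by exiting with code 2. The two rules, the function names and the sample project root are assumptions chosen for illustration.

```python
import json, os, re, shlex, sys

AWS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")  # AWS access key ID shape

def risky_rm_targets(command, root):
    """Targets of a recursive rm that leave `root` or cannot be resolved statically."""
    lex = shlex.shlex(command.replace("\n", " ; "), posix=True, punctuation_chars=True)
    lex.whitespace_split, lex.commenters = True, ""  # keep '#' so nothing is hidden
    try:
        tokens = list(lex)
    except ValueError:  # unbalanced quotes: report the whole command
        return [command]
    risky, argv = [], []
    for tok in tokens + [";"]:  # trailing ';' flushes the last command
        if not set(tok) <= set(";&|()<>"):
            argv.append(tok)
            continue
        if argv[:1] == ["sudo"]:
            argv = argv[1:]
        flags = [a for a in argv[1:] if a.startswith("-")]
        recursive = any(f == "--recursive" or (f[:2] != "--" and "r" in f.lower())
                        for f in flags)
        if argv and os.path.basename(argv[0]) == "rm" and recursive:
            for t in (a for a in argv[1:] if not a.startswith("-")):
                path = os.path.realpath(os.path.join(root, os.path.expanduser(t)))
                if "$" in t or not path.startswith(root + os.sep):
                    risky.append(t)
        argv = []
    return risky

def evaluate(event):
    """Return findings for one PreToolUse event; an empty list means allow."""
    tool, inp = event.get("tool_name", ""), event.get("tool_input", {})
    root = os.path.realpath(event.get("cwd") or os.getcwd())
    findings = []
    text = inp.get("content") or inp.get("new_string") or ""  # Write / Edit payload
    if tool in ("Write", "Edit") and AWS_KEY_ID.search(text):
        findings.append(f"AWS access key ID in {inp.get('file_path', '?')}")
    if tool == "Bash":
        findings += [f"recursive rm outside {root}: {t}"
                     for t in risky_rm_targets(inp.get("command", ""), root)]
    return findings

if __name__ == "__main__":
    found = evaluate(json.load(sys.stdin))
    if found:
        print("; ".join(found), file=sys.stderr)  # stderr is shown to the model
        sys.exit(2)  # exit code 2 blocks the tool call
```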

Deployment and setup

Everything runs on your own infrastructure. The installation process is straightforward:

pip install tatu-hook    # or: pipx install tatu-hook
tatu-hook init

This puts you in audit mode immediately. The developer notes it's been running in production for them for a while, though it's still early days for the project.

Source information

The tool was created by a developer who has been using Claude Code heavily for months and became concerned about potential security risks. The motivation specifically mentions preventing AWS keys from being written to config files and avoiding destructive commands like 'rm -rf' in incorrect directories.

GitHub repository: github.com/laboratoriohacker-com/tatu

Project site: https://tatu.sh

📖 Read the full source: r/ClaudeAI
