Oh Calude how can i trust you...

After working with Claude, I realized I had zero visibility into what was eating my tokens or what security risks were being taken. So, I built a pkg that sits between you and Claude, reading every tool call before it executes. It catches leaked credentials, detects when an agent is spinning in circles, and lets you set guardrails without manual intervention. I ran it on my own session history from the last few days. Here’s what it found: - 12 leak candidates: 4 were real, while the others were