Securing Claude Code: A Step-by-Step Guide
This guide shows exactly how to route Claude Code through Pretense in under 5 minutes.
Why Claude Code Needs Protection
Claude Code is one of the most capable AI coding tools available. It can read your entire codebase, write tests, refactor complex functions, and fix bugs across files. That power comes with a risk: every prompt you send includes your actual code.
Function names, class hierarchies, internal API patterns, authentication logic, database schemas — all of it goes to Anthropic's API on every Claude Code session.
This guide shows how to route Claude Code through Pretense in under 5 minutes.
Step 1: Install Pretense
```bash
npm install -g pretense
```
Requires Node.js 20+.
Step 2: Initialize in Your Project
```bash
cd your-project
pretense init
```
This creates a `.pretense/` directory with:
- `config.yaml` — mutation rules and provider settings
- `mutation-map.json` — (initially empty) persistent mutation map
- `audit.log` — mutation history
Step 3: Start the Proxy
```bash
pretense start
```
Output:
```
✓ Pretense proxy running on localhost:9339
✓ Mutation engine initialized
✓ Provider: Anthropic (forwarding to api.anthropic.com)
```
Step 4: Route Claude Code Through Pretense
Set the `ANTHROPIC_BASE_URL` environment variable to point to your Pretense proxy:
```bash
ANTHROPIC_BASE_URL=http://localhost:9339 claude "refactor auth.ts"
```
Or add it to your shell profile for permanent routing:
```bash
# ~/.zshrc or ~/.bashrc
export ANTHROPIC_BASE_URL=http://localhost:9339
```
Step 5: Verify Protection
Run a scan to see what Pretense is protecting:
```bash
pretense scan auth.ts
```
Output:
```
Scanning auth.ts...
⚠ ANTHROPIC_API_KEY BLOCKED (secret)
~ getUserToken queued → _fn4a2b
~ verifyJwtClaims queued → _fn8c3d
~ AuthService queued → _cls5b7a
~ authPayload queued → _v1e9f
```
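The scan shows what will be mutated, but not whether a given shell actually routes through the proxy; a terminal that never loaded the profile sends requests directly. The following guard is an added example, not part of Pretense or Claude Code: it refuses to launch `claude` unless `ANTHROPIC_BASE_URL` points at a loopback address on port 9339 (the port from Step 3). The function names `route_is_local` and `claude_guarded` are hypothetical.

```shell
# Added example (not Pretense's own code). Assumes the proxy listens on
# port 9339 as in Step 3; function names are hypothetical.
PRETENSE_PORT=9339

# route_is_local URL
# Returns 0 only for http(s)://<loopback-host>:9339[/path]; anything else fails closed.
route_is_local() {
  url=$1
  case $url in
    http://*|https://*) ;;
    *) return 1 ;;                 # unset, empty, or unexpected scheme
  esac
  rest=${url#*://}                 # strip the scheme
  authority=${rest%%/*}            # strip any path
  case $authority in
    *@*) return 1 ;;               # userinfo (user@host) would change the real host
  esac
  case $authority in
    "[::1]:"*) host="[::1]"; port=${authority#"[::1]:"} ;;
    *:*)       host=${authority%:*}; port=${authority##*:} ;;
    *)         return 1 ;;         # no explicit port given
  esac
  case $host in
    localhost|127.0.0.1|"[::1]") ;;
    *) return 1 ;;                 # not a loopback host
  esac
  [ "$port" = "$PRETENSE_PORT" ]
}

# claude_guarded ARGS...
# Runs claude with the given arguments only when routing has been verified.
claude_guarded() {
  if ! route_is_local "${ANTHROPIC_BASE_URL:-}"; then
    echo "refusing to start: ANTHROPIC_BASE_URL is not the local Pretense proxy" >&2
    return 1
  fi
  claude "$@"
}
```

The guard checks where requests will be sent, not that the proxy process is running; the `pretense start` output from Step 3 covers that.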
Step 6: Add the MCP Server (Optional but Recommended)
Pretense ships an MCP server that registers directly with Claude Code, enabling automatic pre-send scanning on every session:
`.claude/settings.json`:
```json
{
  "mcpServers": {
    "pretense": {
      "command": "pretense-mcp",
      "args": []
    }
  }
}
```
With the MCP server active, Claude Code will call `pretense_scan` before sending any tool result that contains code, giving you a second layer of protection.
Audit Your Sessions
After running a few Claude Code sessions, check the audit log:
```bash
pretense audit
```
Output:
```
Session: 2025-03-29T14:32:11Z
Mutations: 14
Secrets blocked: 2
Round-trip fidelity: 100%

Session: 2025-03-29T14:45:22Z
Mutations: 8
Secrets blocked: 0
Round-trip fidelity: 100%
Provider: Anthropic
```
What Gets Protected
By default, Pretense mutates:
- Function and method names
- Class and interface names
- Variable names in function scope
- Environment variable references

Pretense blocks (does not forward):
- API keys (pattern-matched against 30+ provider formats)
- Database connection strings
- Private keys and certificates
- JWT secrets

Pretense preserves (never mutated):
- String literals (may contain user-facing content)
- Comments (for context)
- Type annotations
You're Done
That's it. Claude Code now routes through Pretense. Your proprietary identifiers are mutated before reaching Anthropic's API, and reversed in the response so you get working code back.
[View full CLI reference →](/docs)