Quickstart

Get protected in 60 seconds

One command. No account. No configuration.

Node.js 18+Works with npm, pnpm, yarn, bunNo cloud account required

Install

Install once globally. Protects every project on your machine.

terminal

npm install -g pretense

pnpmpnpm add -g pretense

yarnyarn global add pretense

bunbun add -g pretense

Initialize

Run once per project. Builds your mutation profile in .pretense/

~/your-project

pretense init

# Scans your codebase and builds .pretense/ mutation profile

# Takes ~3 seconds for a 100K-line codebase

# Nothing is sent to external servers during init

Creates .pretense/ in your project root with your mutation config and local audit log.

Start the proxy

Keep this running in a terminal tab while you work.

terminal

pretense start

# Proxy running on http://localhost:9339

# All LLM API calls now route through Pretense

# Ctrl+C to stop

The proxy must be running before you send prompts. Add pretense start to your project package.json dev scripts to start it automatically.

Route your AI tool

Point your tool at localhost:9339. One change protects everything.

Claude Codebash

ANTHROPIC_BASE_URL=http://localhost:9339 claude

Set the env var once in your shell profile and every Claude Code session is automatically protected.

Cursortext

Settings → Models → Override Base URL
http://localhost:9339

Works with every model in Cursor: Claude, GPT-4o, Gemini. One setting protects all of them.

OpenAI SDKbash

OPENAI_BASE_URL=http://localhost:9339 node your-script.js

Drop-in replacement. No code changes - just set the env var before any OpenAI SDK call.

Any OpenAI-compatible toolpython

client = OpenAI(
    base_url="http://localhost:9339",
    api_key=os.environ["OPENAI_API_KEY"],
)

Pretense speaks both the Anthropic and OpenAI wire formats. Any tool that accepts a base URL works.

Verify it is working

Scan a file to see exactly what Pretense will protect.

terminal

pretense scan src/auth.ts

Output:

getUserToken->_fn4a2b(identifier)

API_SECRET_KEY->BLOCKED(secret)

DatabaseConnection->_cls8d3f(class)

secretKey->_v9x2c(variable)

Secrets are blocked before the request leaves your machine. Identifiers are mutated and restored transparently.

Free tier limits

The local CLI is always unlimited. Limits only apply to the cloud proxy service.

Proxy mutations

1,000 / month

Local CLI: unlimited

File scans

5,000 / month

Resets on the 1st

Audit log retention

30 days

Pro: 1 year

Team seats

1 seat

Pro: unlimited

Limits reset on the 1st of each month. View Pro plans ($29/seat/mo) when you need more.

What gets protected

Pretense is identifier-level. It mutates names, not logic. LLM output quality is preserved.

Token type	Example	What Pretense sends	Status
Function names	`getUserToken`	`_fn4a2b`	mutated
Class names	`DatabaseConnection`	`_cls8d3f`	mutated
Variable names	`secretKey`	`_v9x2c`	mutated
API keys / secrets	`sk-ant-...`	`BLOCKED (request rejected)`	blocked
Comments	`// fetch user`	`// fetch user`	preserved
String literals	`"hello world"`	`"hello world"`	preserved

Comments and string literals are always preserved verbatim. This enables byte-exact round-trip reversal.

CLI quick reference

Command	Description
`pretense init`	Scan codebase and build .pretense/ project profile
`pretense start`	Start the proxy on localhost:9339
`pretense scan <file>`	Scan a file for secrets and mutable identifiers
`pretense mutate <file>`	Apply mutations and print the result
`pretense reverse <file>`	Reverse mutations - restore original identifiers
`pretense audit`	Display full mutation audit log (SOC2/HIPAA evidence)

Claude Code: MCP integration

.claude/settings.json

{
  "mcpServers": {
    "pretense": {
      "command": "pretense-mcp",
      "args": []
    }
  }
}

Next steps

You are protected. Here is where to go deeper.

Configuration

Mutation rules per repo, exclusions

Integrations

VS Code extension, GitHub Action, MCP server

How it works

Mutation algorithm deep-dive

Free vs Pro

When you need team features

Was this page helpful?