aiignore-cli

v1.1.0


aiignore

One command to protect your secrets from all AI coding tools.

Every AI tool has a different ignore mechanism — .cursorignore, .geminiignore, .codeiumignore, .aiderignore, .claude/settings.json, .aiignore — each with its own quirks and undocumented bypass bugs. aiignore scans your project, detects which tools you use, and generates the right config for each one.

Quick Start

npx aiignore-cli init

Or install globally:

npm install -g aiignore-cli
aiignore init

Requires Node.js 18+.

Why not just create the files manually?

You could. A .cursorignore takes 30 seconds to write. But:

  • Do you know that Cursor also needs .cursorignore, Claude Code needs settings.json deny rules, Gemini CLI needs .geminiignore, JetBrains needs .aiignore, and Windsurf still uses .codeiumignore?
  • Do you know that Cursor's ignore is "best-effort" with 2 known CVEs, that Gemini's negation patterns are broken, or that Copilot has no ignore file at all?
  • Do you want to research each tool's format every time you set up a new project?

aiignore does the research for you. The security data behind each tool is the real value — the CLI just applies it.

Commands

aiignore                             # same as aiignore init
aiignore init                        # auto-detect and generate
aiignore init --all                  # all tools, skip detection
aiignore init --only cursor          # single tool
aiignore init --only cursor,gemini   # multiple tools (comma-separated)
aiignore init --append               # add missing patterns to existing files
aiignore init --dry-run              # preview only
aiignore init --force                # overwrite existing files
aiignore init -q                     # quiet mode (no output)

aiignore verify                      # protection status table
aiignore verify --ci                 # exit 1 if unprotected
aiignore verify --strict             # exit 1 if any tool isn't best-effort
aiignore verify --json               # machine-readable output

aiignore list                        # show supported tools and aliases

Tool Support

| Tool | File Generated | Reliability | Key Issue |
|------|---------------|-------------|-----------|
| Cursor | .cursorignore | Low | "best-effort", agent bypass, @ reference bypass |
| Claude Code | .claude/settings.json | Medium | Read() deny covers Bash too (tested) |
| Copilot | guide only | None | no ignore file exists for individual devs |
| Gemini CLI | .geminiignore | Low | negation patterns broken, self-blocks .env/.pem |
| JetBrains AI | .aiignore | High | most reliable; AI redacts sensitive filenames |
| Windsurf | .codeiumignore | Medium | negation can't override .gitignore |
| Aider | .aiderignore | Medium | --aiderignore flag or /add can bypass |
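Claude Code is the one row whose rules live inside a JSON settings file rather than a flat ignore file, so adding patterns means merging into existing content instead of appending lines. The sketch below is an added example, not aiignore's own code: it assumes Claude Code's `permissions.deny` array of `Read(...)` rules, and the function names, the pattern-to-rule mapping and the sample settings are constructed for illustration.

```javascript
// Added example: the rule shape follows Claude Code's permissions.deny
// convention ("Read(./path)"); the pattern-to-rule mapping is an assumption.
function toReadRule(pattern) {
  // A trailing slash marks a directory: deny everything beneath it.
  const target = pattern.endsWith("/") ? pattern + "**" : pattern;
  return `Read(./${target})`;
}

// Merge deny rules into parsed settings without dropping unrelated keys,
// existing allow rules, or deny rules someone added by hand.
function mergeDenyRules(settings, patterns) {
  if (settings === null || typeof settings !== "object" || Array.isArray(settings)) {
    throw new TypeError("settings.json must contain a JSON object");
  }
  const permissions = { ...(settings.permissions || {}) };
  const existing = Array.isArray(permissions.deny) ? permissions.deny : [];
  const seen = new Set(existing);
  const added = [];
  for (const rule of patterns.map(toReadRule)) {
    if (!seen.has(rule)) {
      seen.add(rule);
      added.push(rule);
    }
  }
  permissions.deny = [...existing, ...added];
  return { settings: { ...settings, permissions }, added };
}

// Constructed settings that already hold one deny rule and one allow rule.
const before = {
  model: "placeholder-model",
  permissions: { allow: ["Bash(npm run lint)"], deny: ["Read(./.env)"] },
};
const patterns = [".env", ".env.*", ".ssh/", "config/master.key"];
const first = mergeDenyRules(before, patterns);
const second = mergeDenyRules(first.settings, patterns); // idempotent re-run
console.log(JSON.stringify(first.settings, null, 2), second.added.length);
```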

What Gets Protected

Patterns are sourced from built-in defaults + security-related entries in your .gitignore:

| Category | Patterns |
|----------|----------|
| Environment | .env, .env.*, .env.local |
| Credentials | credentials.json, service-account*.json, *secret*, token.json |
| Keys | *.pem, *.key, *.p12, *.pfx, *.jks, *.gpg, *.asc |
| SSH | .ssh/, id_rsa*, id_ed25519*, id_ecdsa* |
| Cloud | .aws/, .gcp/, .azure/, gcloud/ |
| Infrastructure | terraform.tfstate, terraform.tfvars, .docker/config.json, .kube/config |
| Registry & Auth | .npmrc, .pypirc, .netrc, *.htpasswd |
| App Secrets | config/secrets.yml, config/master.key, vault.json, wp-config.php |
| Database | *.sqlite, *.db, dump.sql |
| Certificates | *.crt, *.cer, *.ca-bundle |

Tool Aliases

--only accepts these names (comma-separated):

cursor                     -> Cursor
claude / claude-code       -> Claude Code
copilot                    -> GitHub Copilot
gemini / gemini-cli        -> Gemini CLI
jetbrains / jb             -> JetBrains AI
windsurf / codeium         -> Windsurf/Codeium
aider                      -> Aider

Run aiignore list to see all tools and aliases.

Project Configuration (.aiignorerc)

Create a .aiignorerc file in your project root to customize behavior:

{
  "tools": ["cursor", "claude", "jetbrains"],
  "extraPatterns": ["internal/", "*.staging.env"]
}

  • tools: Lock target tools instead of auto-detection. Accepts the same aliases as --only.
  • extraPatterns: Additional patterns merged into every generated ignore file.

Both fields are optional. --all and --only flags override the tools config.
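To see what the "What Gets Protected" patterns and the extraPatterns field actually cover in a given tree, the following added example (not aiignore's own code) merges a subset of the README defaults with the .aiignorerc above and audits a constructed file listing. It assumes gitignore-style semantics for the pattern shapes in the table; the function names and sample paths are hypothetical.

```javascript
// Simplified gitignore-style matching, limited to the pattern shapes in the
// table above (no negation, "?" or character classes). Added example.
const DEFAULT_PATTERNS = [
  ".env", ".env.*", "credentials.json", "service-account*.json", "*secret*",
  "*.pem", "*.key", ".ssh/", "id_rsa*", ".aws/", "terraform.tfstate",
  ".docker/config.json", ".npmrc", "config/master.key", "*.sqlite",
];

// Translate one pattern into a RegExp over a "/"-separated relative path.
function compile(pattern) {
  const dirOnly = pattern.endsWith("/");
  const body = dirOnly ? pattern.slice(0, -1) : pattern;
  const anchored = body.includes("/"); // an inner slash pins it to the root
  const re = body
    .replace(/[.+^${}()|[\]\\?]/g, "\\$&") // escape regex metacharacters
    .replace(/\*/g, "[^/]*"); // "*" never crosses a directory boundary
  const prefix = anchored ? "^" : "^(?:.*/)?";
  const suffix = dirOnly ? "/.*$" : "(?:/.*)?$";
  return new RegExp(prefix + re + suffix);
}

// README defaults plus the extraPatterns field of a parsed .aiignorerc.
function effectivePatterns(rc = {}) {
  const extra = Array.isArray(rc.extraPatterns) ? rc.extraPatterns : [];
  return [...new Set([...DEFAULT_PATTERNS, ...extra])];
}

// Map each path to the first pattern that covers it; collect the rest.
function audit(paths, rc) {
  const rules = effectivePatterns(rc).map((p) => [p, compile(p)]);
  const covered = {};
  const uncovered = [];
  for (const path of paths) {
    const hit = rules.find(([, re]) => re.test(path));
    if (hit) covered[path] = hit[0];
    else uncovered.push(path);
  }
  return { covered, uncovered };
}

// Constructed file listing, audited with the .aiignorerc shown above.
const rc = { extraPatterns: ["internal/", "*.staging.env"] };
const sample = [
  ".env", "apps/api/.env.production", ".env.example", "deploy/prod.staging.env",
  "internal/runbook.md", "certs/server.pem", "src/secretsanta.js",
  "src/environment.ts", "backup/.docker/config.json", "README.md",
];
console.log(audit(sample, rc));
```

In this listing the broad patterns also catch .env.example and src/secretsanta.js, while the root-anchored .docker/config.json pattern leaves the copy under backup/ uncovered. Reviewing both lists shows where an extra pattern is needed and where a template file will be hidden from the assistant.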

Limitations

No AI tool guarantees 100% file exclusion. All tools share a common weakness: agent/terminal modes can bypass ignore files by running shell commands directly. Copilot has no ignore mechanism at all for individual developers.

This tool is one layer of defense. For production secrets, also use a secrets manager, pre-commit hooks (gitleaks, trufflehog), and keep secrets out of your project directory entirely.

For per-tool details (CVEs, known bugs, tested behavior), see AI Coding Tool Security Reference.

License

Apache-2.0