Security Tool

Code Sanitizer

Strip dangerous patterns from AI-generated code before execution. Catch eval(), exec(), system calls, and network requests before they run.

Install

Get the CLI Tool

Run the code sanitizer locally as an MCP server, or try it online below.

npx @clinetools/code-sanitizer

Requires Node.js 18+

Detects 30+ dangerous code patterns across JS, Python, and shell
Strips or warns on eval(), exec(), spawn(), system calls
Catches network requests: fetch(), http, XMLHttpRequest, WebSocket
Configurable allowlists — permit patterns you trust
Preference conversation on first run — tool adapts to your workflow

Tutorial

How to Use It

Three ways to sanitize code — pick the one that fits your workflow.

Try Online

Paste code below to scan for dangerous patterns — no install needed.

↓ Jump to interactive demo

Use via CLI

Run as a local MCP server. On first run it asks about your preferences.

npx @clinetools/code-sanitizer

Add to Cline / Claude Code

Add to your MCP settings so your agent sanitizes code automatically.

"code-sanitizer": { "command": "npx", "args": ["@clinetools/code-sanitizer"] }

MCP Client Configuration

{
  "mcpServers": {
    "code-sanitizer": {
      "command": "npx",
      "args": ["@clinetools/code-sanitizer"]
    }
  }
}

Example: Sanitize Before Running

// Prompt to your AI agent:
"Sanitize this code and show me what was
removed before I run it"

// The agent calls:
sanitize_code({
  code: fileContents,
  mode: "strip",    // or "warn"
  allowlist: ["fetch"]  // permit fetch calls
})

// Output shows each dangerous pattern found,
// severity, line number, and the cleaned code

Preference Conversation (First Run)

// On first run, the tool asks:

1. "How strict should I be?"
   [ ] Paranoid - block everything suspicious
   [x] Balanced - block dangerous, warn on risky
   [ ] Relaxed - only block critical threats

2. "Should I allow network requests?"
   [ ] Block all network calls
   [x] Allow fetch() but block raw sockets
   [ ] Allow all network calls

3. "What about eval/exec patterns?"
   [x] Always block eval() and exec()
   [ ] Warn but don't remove
   [ ] Allow in test files only

// Preferences saved to .clinetools/sanitizer.json
// Remembered for all future runs

Live Demo

Try It Online

Paste code or try a demo scenario to scan for dangerous patterns.

Paste Code to Sanitize

We scan for 30+ dangerous patterns in JavaScript, Python, and shell code

Try a demo:

Allowlist (patterns to permit)

Allow fetch() calls

Allow filesystem operations

Allow child_process (spawn/exec)

Allow process.env access

Paste code and click Sanitize Code to scan for dangerous patterns.

Findings

Sanitized Output

Learn

Why Code Sanitization Matters

AI agents generate code fast. Code sanitization ensures that speed doesn't come at the cost of safety.

eval() is Code Injection

eval() executes arbitrary strings as code. A single prompt injection can turn your agent's output into a backdoor. Always strip eval() from generated code unless you have a very specific, controlled use case.

Shell Commands

child_process.exec(), os.system(), subprocess.run() — these execute arbitrary system commands. An AI generating "rm -rf /" or "curl | bash" can cause real damage. Sanitize first, run second.

Data Exfiltration

Uncontrolled fetch() or HTTP calls can send your source code, environment variables, or secrets to external servers. Monitor and control all network requests in generated code.

Environment Leaks

process.env contains API keys, database URLs, and secrets. AI-generated code that reads process.env and logs or sends it externally can leak your entire credential set. Sanitize env access.

Defense in Depth

Even if you trust your AI model, sanitization is a safety net. Models can be jailbroken, prompts can be injected, and context windows can be poisoned. A code sanitizer is your last line of defense before execution.

Sanitize Every Line Before It Runs

Add the Code Sanitizer to your agent's toolkit and catch dangerous patterns automatically.

View Plans