DEMO Read-only showcase seeded with synthetic data. Sign-in, reviewing, rules, retention and alerts are disabled. Browse every page and session freely. Install on your fleet →
Session

demo-critical-exfil

claude-code on staging-ci-01 · 20s · first 2026-04-22 20:14:21 · last 2026-04-22 20:14:41
Notes 0

No notes yet. Leave the first one so the next reviewer inherits the context.

Processes 4
File opens 0
DNS / TCP / UDP 1 / 0 / 2
Sensitive hits 2
Event timeline · 20:14:21 → 20:14:41 · peak 1 event/bin
20:14:21 · 1 event 20:14:23 · 1 event 20:14:25 · 1 event (1 sensitive) 20:14:26 · 1 event (1 sensitive) 20:14:27 · 1 event 20:14:29 · 1 event 20:14:31 · 1 event 20:14:33 · 1 event 20:14:35 · 1 event 20:14:36 · 1 event 20:14:39 · 1 event 20:14:40 · 1 event 20:14:21 20:14:41
Sensitive path hits · 2 matches
PathReasonOpProcessWhen
C:\Users\ci\.aws\credentials aws credentials open C:\Users\bill\AppData\Roaming\Claude\claude-code\2.1.111\claude.exe pid 9900 2026-04-22T20:14:25.406495887Z
C:\Users\ci\.ssh\id_rsa ssh keys open C:\Users\bill\AppData\Roaming\Claude\claude-code\2.1.111\claude.exe pid 9900 2026-04-22T20:14:26.406495887Z
Suspicious host queries · 1 match
HostReason
pastebin.com paste site

Posted 2026-04-22 22:14:21Z