Holen Ventures Work with me
Living document · last tended 2 days ago · revision 01 seeded 26 Apr 2026
Field notes / vibe-coding-to-agentic

Add PII detection for extra safety

Wired OpenAI's privacy-filter into Claude Code as a pre-push hook, about 150 lines of TypeScript. A small example of a bigger idea: you can let AI write the code if you build the checks around it.

budding ~2 min read

One of the ways to turn vibe coding into agentic engineering is to make sure you apply the right structure to how the output is evaluated. You’re still letting AI write the code, but you’re building a system around it that catches the things it misses.

Red/green test-driven development is the obvious one. Write the test first, let the AI write the implementation, and the test tells you whether it worked.

With OpenAI’s privacy-filter you can add a different kind of check: a small model that detects PII in text. Names, emails, phone numbers, addresses, API secrets. It runs locally on your machine, 50 million active parameters, fast enough to use as a pre-push check.

I wired this into Claude Code as a hook. Every time Claude tries to git push, the hook scans every changed file through the model and blocks the push if it finds PII:

PII detected — push blocked.

  src/config.ts:2   private_email (1.00)  "john.doe@company.com"
  src/config.ts:3   private_person (1.00) "John Doe"
  src/config.ts:4   secret (1.00)         "sk-proj-abc123xyz789secretkey"

About 150 lines of TypeScript. The model runs through Transformers.js on CPU, downloads once (~900MB quantised), then loads from local cache. The Claude Code hook configuration is a few lines of JSON that say “before any git push, run this script, and if it exits with code 2, block the action.”

Vibe coding is letting AI write code and hoping it works. Agentic engineering is letting AI write code inside a system that verifies it does.

Want to set this up? Paste this into Claude Code:

Create a Claude Code PreToolUse hook that scans all changed files for PII before git push using the openai/privacy-filter model from Hugging Face. Use Transformers.js with q4 quantisation so it runs locally on CPU. The hook should get the list of changed files from git diff, scan each one through the model’s token-classification pipeline, and block the push (exit code 2) if any PII is found with confidence above 0.8. Print the findings with file path, line number, PII type, and matched text. Configure it in .claude/settings.local.json.

This note is a living document and will keep changing. It's not an article. It's a notebook page I'm letting you read over my shoulder. If you spot something I'm wrong about, or if you've worked through the same thing differently, reply to henrik@holenventures.com.