NoData + Claude

Claude writes code that encrypts — it doesn't encrypt itself. The difference is critical.

Important — Claude writes code, not encrypts

❌ NOT like this

"Encrypt 0501234567" → Claude already saw the number. Encrypting after doesn't erase it from memory.

Claude saw plaintext = exposed

✅ Like this

"Write code that encrypts phones" → Claude writes encrypt(). Code runs in YOUR system. Claude never sees real data.

Claude wrote code. Data never passed through.

Two usage modes

ARECOMMENDED — FULL PROTECTION

Claude writes encryption code

You say "add encryption to all PII fields". Claude writes the code. Code runs in your system. Claude never sees real data.

✅ DB protected · ✅ Claude saw no data · ✅ Full encryption

BQUICK — PARTIAL PROTECTION

Encrypt from conversation

You give a password and say "encrypt and send a link". Claude sees the password — but it's never stored on any server, only in temporary conversation memory.

⚠️ Claude saw · ✅ Servers didn't · ✅ Link encrypted

💡 Recommendation: always prefer Mode A — Claude writes code. If speed is needed and you accept Claude seeing — Mode B is better than sending plaintext by email.

START IN 30 SECONDS

1

Put your code in Claude

Open Claude Code, load your project.

2

Get API key

Go to /developers/get-started, click one button, get sk_live_...

3

Tell Claude what to do

"Encrypt the sensitive fields with NoData" — Claude does the rest.

What you can do with Claude + NoData

ACTIONCOMMANDWHAT HAPPENS

Encrypt field"Encrypt the phone"Claude calls /encrypt → gets ciphertext → puts in code

Decrypt"Decrypt this ciphertext"Claude calls /decrypt → gets plaintext → shows you

Send secret"Send the password encrypted"Claude calls /deliver → creates link → burn after read

Scan exposure"Check how much data is exposed"Claude runs scanner on code open in session

Fix code"Add encryption to all PII fields"Claude finds plaintext → adds encrypt() → saves

Audit trail"Show me encryption log"Claude calls /evidence → shows audit trail

Deploy encrypted"Deploy to Netlify with encryption"Claude encrypts first → sends ciphertext only → server never sees plaintext

Examples — what to tell Claude

"Encrypt the customer's phone before saving to DB"

// Claude writes this:
const res = await fetch("https://www.nodatacapsule.com/api/v1/encrypt", {
  method: "POST",
  headers: {
    "Authorization": "Bearer sk_live_...",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    field: "phone",
    value: customer.phone
  })
});
const { ciphertext } = await res.json();
await db.insert({ phone: ciphertext }); // DB gets ciphertext only

"Send this API key as a one-time encrypted link"

// Claude writes this:
const res = await fetch("https://www.nodatacapsule.com/api/v1/deliver", {
  method: "POST",
  headers: { "Authorization": "Bearer sk_live_..." },
  body: JSON.stringify({
    content: "sk_prod_a8f3e9c2d1b8...",
    ttl: "1h",
    maxViews: 1,
    burn: true
  })
});
const { link } = await res.json();
// link = nodatacapsule.com/v/del-x8Kd — one view, then gone

"Check how many PII fields are exposed in this project"

// Claude runs the scanner on your open code:
// Found 155 PII fields across 75 tables
// Encrypted: 75/155 (48%)
// Routes without auth: 309/309
// Breach impact: 52% readable as plaintext
// SOC 2 readiness: 73%
//
// Recommendation: Add encrypt() to 80 fields

What's protected and what's not — honestly

✅ PROTECTED

• Your DB — ciphertext only

• Logs & backups — encrypted

• API responses — ciphertext

• Deploy to server — ciphertext only

• Exported files — encrypted

• Audit trail — HMAC signed

• Server breach = empty room

⚠️ NOT PROTECTED

• Claude memory — sees plaintext momentarily

• Your screen — you see the data

• Manual copy-paste — your responsibility

• Viewing moment — requires plaintext

Protection is on permanent points (DB, logs, backups) — not the fleeting moment of viewing.

Claude → Deploy: what transfers and what doesn't

1

Your code

customer.phone = '+972...'

PLAINTEXT

2

Claude + NoData

encrypt(phone) → aes256gcm:v1:...

ENCRYPTING

3

Fixed code

customer.phone = ciphertext

CIPHERTEXT

4

Deploy (Netlify/Vercel)

Only ciphertext reaches server

SAFE

5

Server breach

aes256gcm:v1:x8Kd... (חסר ערך)

EMPTY ROOM

🔌 MCP + NoData

If Claude is connected via MCP to Netlify/Vercel — the correct order:

The correct order

// 1. Claude encrypts FIRST
const { ciphertext } = await nodata.encrypt("phone", value);

// 2. THEN deploys to Netlify/Vercel
// Only ciphertext reaches the server
// Netlify/Vercel never sees plaintext

// ✅ SAFE: server gets aes256gcm:v1:x8Kd...
// ❌ WRONG: deploy plaintext, then encrypt on server

Encrypt before sending. Always. Everywhere.

🔑

Password Manager for Developers

A tool developers asked for — and we built

🔐

Encrypt password

📤

Send one-time link

🔄

Generate new if forgot

📋

Full audit trail

From Claude: "encrypt the password and send a link to Yossi" → encrypted link, one view, deleted. Forgot? "Generate new password and encrypt" → new and protected. No server stores plaintext.

🛠️ More tools coming

We're building more dev tools — based on what the community asks. Have an idea? A tool you're missing? Tell us.

📮 Send us a message

Message is encrypted. Anonymous. Like everything in NoData.

Get API key — free API Reference

The button decides. System is blind. Claude is just the hands.