One use case you might not have considered: pairing this with a persistent "demo mode" profile in VS Code. I've been experimenting with a separate workspace that auto-loads this extension plus other privacy settings.
Have you thought about expanding beyond config files? Sometimes git commit messages in the terminal include sensitive issue IDs or customer names, database connection strings leak in SQL output, or file paths reveal internal org structure. The config file approach is solid but I'd pay for a "demo mode" extension that handles all those edge cases.
What's the performance impact on large config files (like 1000+ line .env files)? Does it parse in real-time or cache the redaction?
Kudos for making this btw.