feat: add experimental system-wide API key masking via Accessibility overlay

Add system-wide masking that detects API keys in any macOS application
using the Accessibility API and covers them with floating NSPanel overlays.

Core implementation:
- SystemMaskingService: AXObserver monitors focused UI elements across
  all apps via kAXFocusedUIElementChangedNotification and
  kAXValueChangedNotification. 10ms initial / 30ms debounce + 500ms
  polling fallback. Immediate scan on app switch.
- AXBoundsForRange: precise multi-line text coordinate calculation,
  supports keys spanning multiple visual lines
- SystemOverlayController: click-through NSPanel overlays with
  ignoresMouseEvents, reuses panels via deterministic UUID per match
- MaskOverlayView: solid background overlay with masked text display

Integration:
- Settings toggle: "System-wide masking (experimental)" in Security tab,
  default OFF. Only activates when both setting AND Demo Mode are ON.
- Peek mode: hold ⌃⌥Space to temporarily hide all overlays
- Overlay lifecycle: auto-clear on app switch, text change, Demo Mode OFF

Performance (measured):
- Pattern matching: 0.1-0.3ms per scan
- Total scan + overlay: 2-6ms
- NSHostingView reuse prevents view accumulation
- Text cache prevents redundant overlay updates
- Safe AX API usage: nil guards, isRunning check in callback

Known limitations (marked experimental):
- Only scans focused element (sidebar/non-focused areas not covered)
- Copy/paste still exposes original key (visual overlay only)
- Some apps may not fully support AX text attributes

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: easyvibecoding

CLAUDE.md

@@ -106,6 +106,9 @@ These are absolute rules — never violate them:
 - **Terminal masking sync block buffering** (experimental): Shielded Terminal buffers PTY output by detecting DEC 2026 sync block markers (`\x1b[?2026h`/`\x1b[?2026l`). Complete sync blocks are masked atomically. Non-sync data uses 30ms timeout buffer. This matches claude-chill's approach.
 - **Terminal masking ANSI-aware matching**: `maskTerminalOutput()` strips ANSI escape codes AND all whitespace (spaces, tabs, newlines) before regex matching. Ink word-wraps long keys with `\r\n` + indentation; stripping all whitespace allows regex to match keys across visual line breaks. Structural characters (ANSI + whitespace) within matched ranges are preserved in output via `extractStructural()`.
 - **Terminal masking node-pty loading**: Triple fallback: (1) `require('node-pty')`, (2) `require(vscode.env.appRoot + '/node_modules.asar.unpacked/node-pty')`, (3) `require(vscode.env.appRoot + '/node_modules/node-pty')`. Falls back to `child_process.spawn` line-mode terminal.
+- **System-wide masking** (experimental): Uses `AXObserver` + `kAXFocusedUIElementChangedNotification` / `kAXValueChangedNotification` to monitor focused text elements across all apps. `AXBoundsForRange` provides precise multi-line text coordinates. NSPanel overlay with `ignoresMouseEvents = true` for click-through. Settings toggle (`systemWideMasking` in UserDefaults), only active when both setting AND Demo Mode are ON.
+- **System-wide masking performance**: 10ms initial scan delay, 30ms debounce for changes, 500ms polling fallback. Actual processing 2-6ms. Immediate scan on app switch. Text cache (`lastScannedText`) prevents redundant overlay updates.
+- **System-wide masking coordinate conversion**: AX API uses top-left origin, AppKit uses bottom-left. Convert via `primaryScreenHeight - axY - height`. Multi-screen: use primary screen height as reference.
 
 ## Documentation
 

README.md

@@ -169,8 +169,8 @@ See the [docs/](docs/) directory for detailed specifications:
 - [x] Linked Key Groups (sequential paste with ⌘V→Tab automation, Settings UI CRUD, pre-fetch Keychain)
 - [x] Clipboard Capture (⌃⌥⌘V hotkey, 22 built-in patterns, 3-tier confidence routing, whitespace-tolerant)
 - [x] 🧪 Terminal masking — Shielded Terminal (node-pty proxy, DEC 2026 sync block buffering, ANSI-aware masking, Claude Code compatible)
+- [x] 🧪 System-wide masking — Accessibility overlay (AXObserver + AXBoundsForRange, NSPanel click-through overlay, Settings toggle)
 - [ ] API Key rotation & deployment sync
-- [ ] System-wide masking (Accessibility API)
 
 ## Contributing
 

docs/01-product-spec/implementation-status.md

@@ -35,6 +35,7 @@
 | ~~`⌃⌥⌘V` capture clipboard~~ | Spec §4.4 | ~~中~~ | ✅ HotkeyManager → ClipboardEngine.detectKeysInClipboard() → 內建 22 種 pattern 偵測 → confidence 三階路由 → VaultManager 存儲 |
 | ~~Linked Key Groups (sequential paste)~~ | Spec §6.3 | ~~中~~ | ✅ `LinkedGroup`/`GroupEntry`/`SequentialPasteEngine` 完成、Settings UI 群組管理（CRUD）、`request_paste_group` IPC handler |
 | ~~Terminal masking (Shielded Terminal)~~ | Spec §3.2 | ~~中~~ | 🧪 實驗性。node-pty proxy + DEC 2026 sync block buffering + ANSI-aware masking。Known limitation: Rewind 確認頁部分洩漏 |
+| ~~System-wide masking (Accessibility overlay)~~ | Spec §3.3 | ~~中~~ | 🧪 實驗性。AXObserver + AXBoundsForRange + NSPanel overlay。Settings 可開關，Demo Mode 附加功能。Known limitation: 僅掃描 focused element、copy/paste 不安全 |
 | Shortcut conflict detection | Spec §4.4 | 低 | |
 | Import / Export vault | Spec §9.1 | 低 | |
 

docs/en/01-product-spec/implementation-status.md

@@ -35,6 +35,7 @@
 | ~~`⌃⌥⌘V` capture clipboard~~ | Spec §4.4 | ~~Medium~~ | ✅ HotkeyManager → ClipboardEngine.detectKeysInClipboard() → 22 built-in patterns → 3-tier confidence routing → VaultManager store |
 | ~~Linked Key Groups (sequential paste)~~ | Spec §6.3 | ~~Medium~~ | ✅ `LinkedGroup`/`GroupEntry`/`SequentialPasteEngine` complete, Settings UI group management (CRUD), `request_paste_group` IPC handler |
 | ~~Terminal masking (Shielded Terminal)~~ | Spec §3.2 | ~~Medium~~ | 🧪 Experimental. node-pty proxy + DEC 2026 sync block buffering + ANSI-aware masking. Known limitation: Rewind confirmation page partial leak |
+| ~~System-wide masking (Accessibility overlay)~~ | Spec §3.3 | ~~Medium~~ | 🧪 Experimental. AXObserver + AXBoundsForRange + NSPanel overlay. Settings toggle, Demo Mode enhancement. Known limitation: focused element only, copy/paste unsafe |
 | Shortcut conflict detection | Spec §4.4 | Low | |
 | Import / Export vault | Spec §9.1 | Low | |
 

packages/swift-core/DemoSafe/App/AppState.swift

@@ -21,6 +21,8 @@ final class AppState: ObservableObject {
     let sequentialPasteEngine: SequentialPasteEngine
     let toolboxState: ToolboxState
     let toolboxController: FloatingToolboxController
+    let systemOverlayController: SystemOverlayController
+    let systemMaskingService: SystemMaskingService
 
     private var cancellables = Set<AnyCancellable>()
 
@@ -34,6 +36,8 @@ final class AppState: ObservableObject {
         self.hotkeyManager = HotkeyManager(maskingCoordinator: maskingCoordinator)
         self.toolboxState = ToolboxState(vaultManager: vaultManager)
         self.toolboxController = FloatingToolboxController()
+        self.systemOverlayController = SystemOverlayController()
+        self.systemMaskingService = SystemMaskingService(maskingCoordinator: maskingCoordinator, overlayController: systemOverlayController)
 
         // Sync isDemoMode bidirectionally with MaskingCoordinator
         maskingCoordinator.$isDemoMode
@@ -85,6 +89,14 @@ final class AppState: ObservableObject {
         isDemoMode.toggle()
         maskingCoordinator.isDemoMode = isDemoMode
         maskingCoordinator.broadcastState()
+
+        // Sync system-wide masking with Demo Mode (only if enabled in settings)
+        let systemMaskingEnabled = UserDefaults.standard.bool(forKey: "systemWideMasking")
+        if isDemoMode && systemMaskingEnabled {
+            systemMaskingService.start()
+        } else {
+            systemMaskingService.stop()
+        }
     }
 
     func switchContext(contextId: UUID) {
@@ -116,18 +128,20 @@ final class AppState: ObservableObject {
     // MARK: - Private — Hotkey Wiring
 
     private func wireHotkeyCallbacks() {
-        // Toolbox show (hold start)
+        // Toolbox show (hold start) — also enables peek mode for system overlays
         hotkeyManager.onToolboxShow = { [weak self] in
             guard let self else { return }
             self.toolboxState.reset()
             self.toolboxState.isVisible = true
+            self.systemMaskingService.setPeekMode(true)
             let mouseLocation = NSEvent.mouseLocation
             self.toolboxController.show(near: mouseLocation)
         }
 
-        // Toolbox release (hold end)
+        // Toolbox release (hold end) — also disables peek mode
         hotkeyManager.onToolboxRelease = { [weak self] in
             guard let self else { return }
+            self.systemMaskingService.setPeekMode(false)
             self.toolboxState.handleRelease { [weak self] keyId in
                 self?.copyKey(keyId: keyId)
             }