Clipboard history prefix deny list

[Robbie Gates]

It's increasingly common for the clipboard to be used to move secrets (like access tokens) between applications, including where one of the applications is the browser. Although Alfred can block clipboard history by application (which is great!), this doesn't help with the browser (because I want clipboard history almost always there). At the same time, various token providers (like Github -  https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/, but also Atlassian where I used to work) are adopting "secret scanning friendly" token formats like fixed prefixes.

It would be really useful to be able to configure a list of string prefixes which would prevent that string making it on to clipboard history. Copy/paste would still work, but I wouldn't have to worry about the token finding its way into files I didn't put it in.

Currently I switch off history before doing token manipulations and switch it back on afterwards (and an Alfred level UI for that would be great also - digging through prefs to do it is a bit painful).

I am aware of the `clear` keyword for clipboard history, but by the time that happens, the string has possibly made it into a sqlite database for some time, and automatic backup / sync processes may have moved it elsewhere - being able to control token duplication preventatively rather than curatively seems like a win to me?

Another note - the formats above use checksums for high confidence in systems where false positives are probable (like logs which deal with a lot of data, including data which has people talking about the prefixes 🙂 ) and very expensive (each needing investigation) - I don't think that level of support is needed. If I could just list out the `gh?_` and `ATATT` prefixes, that'd solve my problem.