I think it would be a good possibility, if you can change the visibility of the global rules, because you can block for example commits, diffs, which contains a passwort (already possible), but you can't put in specific data, because every user will be able to see the data, if you don't restrict whole herald to only a few users.
A alternative way: Allow to let herald search for specific secrets from passphrase.
Sorry, I don't understand, why you closed this. The problem is:
We prefer people follow our posted guidelines on filing feature requests. We don't take feature requests that don't state a problem. Specifically "feature does not exist" does not satisfy our criteria for requesting features.
More specifically we'd prefer if people:
It might be we end up at the same solution, or we have something larger planned that covers lots of other edge cases. Mostly though, even if we take a new feature request, it could be years before coding would occur. We're very small (2 people) and have limited ability to tackle edge case requests. You're best bet is always to just describe the problem and we'll help find a solution.
You may also be interested in T9212 which explains a bit better why "free support" is increasing burdensome for the upstream.