Skip to content

Bruce Hart
LinkedIn GitHub

Search

Topics

AI 26 Automation 6 Codex 12 Developer Tools 6 LLMs 12 Open Source 2 Personal 8 Productivity 8 agents 1 ai agents 1 cli 2 cloudflare-workers 1 coding 6 coding agents 2 cost-optimization 3 d1 1 databases 1 devops 1 devtools 1 durable-objects 1 edge-compute 1 incident lessons 1 openclaw 1 opinion 12 performance 1 r2 1 replicate 1 rust 1 security 2 serverless 1 simon willison 1 tools 11 web 1 workflows 2 wrangler 1

Latest

Jan 29, 2026 2 min read

A Word of Caution: Tools Can Leak Secrets

A quick story about a near-miss where automation leaked API keys into GitHub comment history, plus a few mental models and guardrails to avoid the same trap.

The scary part was not the leak. It was how easy it was to miss.

Automation can turn tiny slips into durable artifacts.

Yesterday I asked Codex to turn a list of items into GitHub issues. It generated a shell script and made a mistake. Part of my ~/.bashrc landed in a comment, including a Replicate API key and internal keys. It fixed the comment on its own, but the keys stayed in the comment history. I only saw them by opening the history on a specific issue. Replicate's scanner caught it and revoked the key. I rotated everything else, including this blog's keys. Total time under five minutes, no damage, but a real lesson.

Comment history is an audit log, even when you do not mean it to be

I treated the comment as a scratchpad. GitHub treated it as a permanent record with a hidden trail. That is the mismatch. When we work in tools that preserve history, the safest assumption is that every edit is forever. That means any credential exposed once is exposed for real, even if the current view looks clean.

Automation shifts failure modes, not just speed

The point of automation is leverage. The downside is that leverage multiplies mistakes too. We will trade human typos and manual slips for new classes of errors like misplaced secrets, unintended logs, and silent persistence in systems that keep history. The risk profile changes.

Secrets are radioactive, so handle them like material, not text

If a tool might touch your local config, treat it like a hot zone. Minimize the surfaces that can appear in prompts or generated output. It is safer to constrain the data than to rely on post hoc cleanup. Cleanup is useful, but it is reactive and it never reaches every copy.

Fast revocation loops are part of the product

The real save here was speed. Scanners triggered, keys were disabled, and rotation happened quickly. That is the muscle to build. If these incidents increase, the winners will be teams who can revoke and replace in minutes without drama.

I expect more of this. The systems we build will make some errors rarer and others more common. That is fine, but only if we design for it.

If you have your own story or a better set of guardrails, I want to hear it.

Read the full piece
Portrait of Bruce Hart

Bruce Hart

Engineer who writes

Engineer tinkering with AI and automation. I like clear tradeoffs, readable code, and weird little experiments that sometimes work.

More about me

Recent Posts

I Got Starting Lineup Talking Baseball Running in the Browser

Mar 16, 2026 7 min read

Partial Minds: Intelligence, God, and the Limits of Access

Mar 15, 2026 9 min read

GPT-5.4 Is My Daily Driver. Claude Opus 4.6 Is Still My Specialist.

Mar 10, 2026 7 min read

GPT-5.4 Feels Like the Start of the Stability Era

Mar 7, 2026 6 min read

What If the Best Models End Up a Little Weird?

Mar 6, 2026 6 min read

Recent News

All news
Update

New Web Tools addition: area code lookup

Mar 11, 2026
Update

New Web Tools addition: browser image editor

Mar 7, 2026
Fun Stuff

New userscript: NYT Connections Color Cycler

Mar 4, 2026

Subscribe

RSS feed

Posts by Month

2026
Mar 5 Feb 8 Jan 15