Secrets Hygiene in Agent Logs
0/4 steps0%

Step 2 of 4

Redact at every capture point

One unscrubbed sink undoes all the others.

First time here? Paste the Context Pack first so the AI understands your project - open it from the header above.

Prompt Capsule
Apply redaction everywhere content is persisted or surfaced. Route through scrub() at: log emission (wrap the logger), trace/span attribute capture (the observability scrubber), session record writes, memory writes, error/exception reports (stack traces and locals can carry secrets), and any content shown in the UI beyond the live session. Critically, also scrub MODEL-FACING content where the agent does not need the raw value: tool results containing credentials get redacted before entering context (the agent reasons fine about '[REDACTED:api-key]'). Enforce via a single choke: capture functions must accept only pre-scrubbed content, or call scrub internally. Audit the codebase for any direct writes to these sinks that bypass the wrapper.
Paste into EmergentFull Build: complete implementation prompt with explicit requirements

Quick is short. Full Build is recommended for most steps. Strict forces real logic when the AI keeps faking output.

Actual change check

Expected after this step

Redaction enforced at every persistence and display point.

Should NOT happen

  • An existing feature broke
  • A button only logs to console
  • Data disappears after refresh
  • Errors fail silently with no visible state

This is what should exist before you continue. If reality does not match, do not move on.

Track what changed, failed, or needs follow-up. Notes export with the flow.

Made with Emergent