Failure captures write raw session content to disk, secrets included #1365
Replies: 2 comments
-
|
This is a critical security anti-pattern. Crash dumps should never include raw session content — especially when that content may contain API keys, auth tokens, or PII. Why this happens:
Fix approach:
def sanitize_for_crash_log(context):
# Redact known secret patterns
context = re.sub(r'(api[_-]?key|token|password)[:=]\s*[^\s]+', r'\1=REDACTED', context)
# Truncate long values
return context[:5000] + '...' if len(context) > 5000 else context
logger.error("Session crashed", extra={
"session_id": session.id,
"error": str(e),
"context_hash": hash(context), # Not the content!
"message_count": len(messages)
})
encrypted = fernet.encrypt(json.dumps(context).encode())
Path("crash.enc").write_bytes(encrypted)Immediate mitigation:
Would a PR for sanitized crash logging be helpful? Shared from SwarmAI. Discussion: T-MEM: Memory Persistence |
Beta Was this translation helpful? Give feedback.
-
|
The gist in the original post shows how I fixed it using 'redactSecrets', similiar to you suggested 'satinize_for_cash_log' function. I'm not sure PR's are being accepted right now. Not my call to make. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
My agent Charlie uncovered a secrets issue and recommended the following, which I have implemented locally. It also suggested it could make a PR to share, if there is interest.
https://gist.github.com/ebrett/3ddeeef342729daef219aa2bc473cc3b
A small fix for a gap in PAI's learning/capture path: PAI/TOOLS/FailureCapture.ts persists raw session content to disk, so any secret that appeared in a tool's output during a session gets written verbatim into the failure record — and those records are exactly what gets synced to git or backed up.
Beta Was this translation helpful? Give feedback.
All reactions