Description
Bug Description
Starting in v2026.2.21, the /new and /reset session confirmation message now includes a truncated API key and environment variable name:
✅ New session started · model: moonshot/kimi-k2.5 · 🔑 api-key sk-....(env: MOONSHOT_API_KEY)
This exposes 12 characters of the API key (first 6 + last 6 via formatApiKeySnippet()) plus the env var name in plain text in Discord channels, visible to anyone with channel access.
Expected Behavior
The session confirmation message should NOT include partial API keys. The previous behavior (pre-2026.2.21) only showed the model name:
✅ New session started · model: moonshot/kimi-k2.5
Root Cause
Introduced in PR #20704 (feat(auto-reply): add model fallback lifecycle visibility). The resolveModelAuthLabel() function in src/agents/model-auth-label.ts is called unconditionally at the /new reset path (line ~71888 in reply-CdjLMJxg.js), and the result is appended to the chat message without any verbose/config gate.
Security Impact
- Credential exposure: 12 chars of API key visible in Discord chat history (searchable, persistent)
- Env var name disclosure: reveals credential architecture (`env: MOONSHOT_API_KEY`)
- No config to suppress: `logging.redactSensitive`, `verboseDefault`, and other config options have no effect on this message
Suggested Fix
Either:
- Remove the auth suffix from `/new`/`/reset` confirmation messages entirely (auth context belongs in `/status` and `/model` status, not session greetings)
- Gate the auth suffix behind `verbose === "on" || verbose === "full"` so it only shows when explicitly requested
- Add a config option like `session.reset.hideAuth: true` or `messages.redactAuth: true`
Option 1 is the simplest and most secure.
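As an added illustration (not OpenClaw's code), the following sketches the pre-fix snippet behaviour the report describes next to a gated builder in the shape of options 2 and 3, plus a check that an outbound message carries no key fragments. All names (`ResetContext`, `buildResetMessage`, `containsKeyMaterial`, `redactAuth`) are hypothetical; the sample key is constructed.

```typescript
// Added example, not the project's code. Names are hypothetical stand-ins.
type Verbose = "off" | "on" | "full";

interface ResetContext {
  model: string;
  apiKey?: string;     // resolved credential; must never reach chat text
  envVar?: string;     // e.g. "MOONSHOT_API_KEY"
  verbose: Verbose;    // the /new verbose setting
  redactAuth: boolean; // stands in for a messages.redactAuth-style option
}

// Pre-fix behaviour described in the report: first 6 + last 6 characters.
// Shown only to make the leak concrete; buildResetMessage never calls it.
function leakySnippet(key: string): string {
  return `${key.slice(0, 6)}....${key.slice(-6)}`;
}

// Hardened builder: the auth suffix appears only when verbose is explicitly
// "on" or "full" and redaction is not requested, and even then it names only
// the credential source kind, never the variable name or any key bytes.
function buildResetMessage(ctx: ResetContext): string {
  let msg = `✅ New session started · model: ${ctx.model}`;
  const verboseOn = ctx.verbose === "on" || ctx.verbose === "full";
  if (verboseOn && !ctx.redactAuth && ctx.envVar) {
    msg += " · 🔑 api-key (env)";
  }
  return msg;
}

// Defender-side guard for any chat-bound text: true if the full key or either
// 6-character fragment from the snippet format is present.
function containsKeyMaterial(text: string, key: string): boolean {
  if (key.length < 12) return text.includes(key);
  return (
    text.includes(key) ||
    text.includes(key.slice(0, 6)) ||
    text.includes(key.slice(-6))
  );
}
```

Wiring `containsKeyMaterial` into a test over every message the reset path emits would have caught this regression before release.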
Environment
- OpenClaw version: 2026.2.22-2
- Channel: Discord
- Auth method: Environment variable (`.env` file)