Skip to content

Mask API keys more aggressively in status and session messages#24409

Merged
steipete merged 2 commits intoopenclaw:mainfrom
Clawborn:fix/mask-api-key-in-session-status
Feb 23, 2026
Merged

Mask API keys more aggressively in status and session messages#24409
steipete merged 2 commits intoopenclaw:mainfrom
Clawborn:fix/mask-api-key-in-session-status

Conversation

@Clawborn
Copy link

@Clawborn Clawborn commented Feb 23, 2026
edited by greptile-apps bot
Loading

formatApiKeySnippet reveals the first 6 and last 6 characters of API keys in /new, /status, and model picker messages. In shared channels (Discord, Telegram groups), this exposes 12 characters of the key — enough to narrow brute-force search space or identify the full key for short-key providers.

Reduced to showing only the first 4 characters plus a fixed **** mask. Users can still identify which key is active without credential exposure risk.

Before: sk-abc1…xyz789 (12 chars exposed)
After: sk-a**** (4 chars exposed)

Added unit tests for the masking behavior.

Fixes #24384

Greptile Summary

Reduced API key exposure in status and session messages from 12 characters (first 6 + last 6) to 4 characters (first 4 only), eliminating trailing character disclosure. The fix properly addresses the security risk in shared channels like Discord and Telegram by changing the masking pattern from sk-abc1…xyz789 to sk-a****.

The implementation:

  • Modified formatApiKeySnippet in src/agents/model-auth-label.ts to show only the first 4 characters followed by ****
  • Added comprehensive test coverage verifying the masking behavior never leaks trailing characters
  • Maintained user ability to identify which key is active while preventing credential exposure

Note: There is a separate utility maskApiKey in src/utils/mask-api-key.ts that still uses the vulnerable pattern (showing 8 chars prefix + 8 chars suffix). This utility is used in /models list and auth directive handling. Consider applying the same fix to that utility in a follow-up to ensure consistent security across all API key display contexts.

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk.
  • The security fix is well-implemented with proper test coverage. The change is focused and addresses the vulnerability described in the PR description. The masking logic is simple and correct, reducing exposure from 12 to 4 characters while maintaining usability.
  • No files require special attention.

Last reviewed commit: 026b235

@steipete steipete force-pushed the fix/mask-api-key-in-session-status branch from 026b235 to fbd159c Compare February 23, 2026 18:30
@openclaw-barnacle openclaw-barnacle bot removed the agents Agent runtime and tooling label Feb 23, 2026
@steipete steipete merged commit e40ee3c into openclaw:main Feb 23, 2026
@steipete
Copy link
Contributor

steipete commented Feb 23, 2026

Landed via temp rebase onto main.

  • Gate: pnpm check && pnpm build && pnpm test
  • Land commit: b219df6470faa2b55861565383a44ff018333d6f
  • Merge commit: e40ee3c2c7048a2ea173705344fece5bbb801dd4

Thanks @Clawborn!

@steipete steipete mentioned this pull request Feb 23, 2026
Closed
@github-actions github-actions bot mentioned this pull request Feb 23, 2026
Open
iamjulio pushed a commit to NeuroGym-Dev/openclaw that referenced this pull request Feb 23, 2026
Merge remote-tracking branch 'upstream/main' into ui-updates
8d88f54 
* upstream/main: (1467 commits)
  fix(doctor): use gateway health status for memory search key check (openclaw#22327)
  refactor: harden reset notice + cron delivery target flow
  refactor(exec): simplify env-prefixed wrapper modifier check
  fix(skills): support multiline frontmatter fallback without PyYAML
  fix(skills): make quick_validate work without PyYAML
  fix(exec): bind env-prefixed shell wrappers to full approval text
  fix(browser): derive relay auth token from gateway token in Chrome extension
  Browser relay: accept raw gateway token in extension auth
  fix(gateway): include platform and reason in node command rejection error
  CLI: fix gateway restart health ownership for child listener pids (openclaw#24696)
  docs: detail per-agent prompt caching configuration
  fix(config): tighten bedrock cache-retention type narrowing
  feat(agents): add per-agent stream params overrides for cache tuning (openclaw#17470) (thanks @rrenamed)
  fix(providers): support Bedrock Anthropic cacheRetention defaults/pass-through (openclaw#22303) (thanks @snese)
  fix(providers): disable Bedrock prompt caching for non-Anthropic models (openclaw#20866) (thanks @pierreeurope)
  docs(changelog): note /new and /reset auth-label removal (openclaw#24409)
  fix(reply): omit auth labels in /new and /reset
  docs(changelog): correct kimi issue references
  test(tools): fix kimi web_search mock typing
  feat(media): add moonshot video provider and wiring
  ...

# Conflicts:
#	ui/src/ui/app-render.ts
#	ui/src/ui/controllers/agents.ts
carlosrivera pushed a commit to myascendai/meshiclaw that referenced this pull request Feb 23, 2026
@steipete @carlosrivera
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
1e3c009 
)
mreedr pushed a commit to mreedr/openclaw-custom that referenced this pull request Feb 24, 2026
@steipete
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
5b9279b 
)
plgs2005 pushed a commit to plgs2005/openclaw that referenced this pull request Feb 24, 2026
@steipete @plgs2005
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
6083dbd 
)
margulans pushed a commit to margulans/Neiron-AI-assistant that referenced this pull request Feb 25, 2026
@steipete @margulans
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
7380c97 
)
brianleach pushed a commit to brianleach/openclaw that referenced this pull request Feb 26, 2026
@steipete @brianleach
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
42c3109 
)
@arjunaskykok arjunaskykok mentioned this pull request Feb 26, 2026
Open
2 tasks
mylukin pushed a commit to mylukin/openclaw that referenced this pull request Feb 26, 2026
@steipete @mylukin
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
3ef262b 
)
@matt122004-beep matt122004-beep mentioned this pull request Feb 27, 2026
Open
r4jiv007 pushed a commit to r4jiv007/openclaw that referenced this pull request Feb 28, 2026
@steipete @r4jiv007
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
e2b44bf 
)
@BlueBirdBack BlueBirdBack mentioned this pull request Feb 28, 2026
Open
@github-actions github-actions bot mentioned this pull request Mar 1, 2026
Closed
6 tasks
hughdidit pushed a commit to hughdidit/DAISy-Agency that referenced this pull request Mar 1, 2026
@steipete @github-actions
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
ac1900d 
)

(cherry picked from commit e40ee3c)
hughdidit pushed a commit to hughdidit/DAISy-Agency that referenced this pull request Mar 3, 2026
@steipete @github-actions
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
ef95fc7 
)

(cherry picked from commit e40ee3c)
This was referenced Mar 4, 2026
Open
Open
zooqueen pushed a commit to hanzoai/bot that referenced this pull request Mar 6, 2026
@steipete
docs(changelog): note /new and /reset auth-label removal (openclaw#24409
85cfa94 
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

size: XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Security: /new session message leaks partial API key in chat

2 participants

@Clawborn @steipete