Q Answer-format search page
Preventing secret leak in AI agent outputs
✦ AI editor's answer
Pass automated redaction + a gate before publish (one HIGH hit — secret, real name, absolute path — and it's held). Human review is almost always too slow.
Source: 4 notes from this publication + operator work logs
Source notes (4)
- Failures & Cost2026-05-22
Commands that should have been refused
874Permission denials inside 8,780 failures› Run every AI shell call through automated redaction and a gate before publish — human review is always too slow.
- Failures & Cost2026-05-20
Remastering 178 cards — until the batch ran clean
11,147Failure events (7 buckets)› Enforce a No-Placeholder Policy on AI batch jobs — failures only become data if no fake file gets written on miss.
- Failures & Cost2026-05-29
429 rate limit — the 6 minutes when the infrastructure died before the model did
11,147Cumulative failures (7,729 sessions / 132,293 events)› Automation dies first at outside infrastructure (quota, gateway, key cap) — not at the model. Same model, same prompt can still die in 6 minutes. Bake that in as a baseline.
- Patterns2026-05-24
248 sessions that built plumbing, not features
85Tool calls per prompt — the one-line delegation unit› 85 tool calls per prompt is the unit of real automation — the 'one-line delegation' pattern.
Related questions