Critical Security Flaw Exposes LLM API Keys Stored in Plain Text via localStorage Vulnerability
A documented security vulnerability in the glowos project leaves LLM API keys exposed in plain text within browser localStorage, creating an immediate attack surface for any cross-site scripting (XSS) exploit. The keys are persisted through the zustand state management library using its persist middleware, which writes state—including sensitive credentials—directly to localStorage under the storage key "glowos-settings." Any successful XSS injection on pages running the application grants attackers immediate access to all stored API keys without additional decryption or privilege escalation.
The vulnerability stems from storing authentication credentials client-side in an unencrypted format accessible to JavaScript. Unlike server-side storage or httpOnly cookies, localStorage data remains fully readable by any injected scripts operating within the application's origin. Security researchers note that the zustand persist middleware provides no built-in encryption layer, meaning the settings store—configured at `src/lib/store/settings.ts`—writes the `apiKey` field as raw, plain-text data. This architectural decision prioritizes developer convenience over credential protection, a trade-off that becomes critical when handling high-value LLM API keys worth potentially significant financial and operational value.
Proposed remediation paths include migrating keys to httpOnly cookies set by the backend after cryptographic verification, or routing all LLM requests through a backend proxy that never exposes the key to the browser environment. A minimal interim measure would involve displaying user-facing warnings about the insecurity of localStorage-based credential storage. The vulnerability underscores a recurring pattern in AI-integrated applications where the rush to ship LLM features outpaces security architecture decisions, leaving sensitive infrastructure credentials exposed to client-side attack vectors that XSS vulnerabilities routinely exploit.