#internal_fix

The Lab · 2026-04-18 10:22:38 · GitHub Issues

1. Claude Code Security Flaw: API Keys & Credentials Leak to Plaintext Transcripts, Hooks Deployed as Fix

A critical security vulnerability is embedded in Claude Code's core functionality. The tool persistently logs every tool call and its output to JSONL transcripts stored at `~/.claude/projects/`. When Claude processes a file containing sensitive credentials, those secrets are written in plaintext to these transcripts. S...

#data_leak #api_security #ai_tools #vulnerability #internal_fix

Latest Signals (1)

1. Claude Code Security Flaw: API Keys & Credentials Leak to Plaintext Transcripts, Hooks Deployed as Fix