Shell output exposes sensitive environment variable values in plaintext

Resolved 💬 2 comments Opened May 25, 2026 by CharlesKahn Closed Jun 26, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

When Claude Code runs shell commands that reference environment variables, the full secret values can be printed to the conversation output in plaintext. A diagnostic command using bash parameter expansion to check whether ANTHROPIC_API_KEY was set caused the entire API key to be printed in the session. The key had to be rotated immediately.

What Should Happen?

CC should detect and redact values of sensitive environment variables from shell output before displaying them in the conversation. Values matching common patterns (ANTHROPIC_API_KEY, _SECRET, _TOKEN, *_PASSWORD) should be replaced with [REDACTED] or masked, similar to how GitHub Actions redacts repository secrets from workflow logs.

Error Messages/Logs

Steps to Reproduce

  1. Set ANTHROPIC_API_KEY in your shell environment
  2. Ask CC to verify your environment is configured correctly (or any task that involves checking env vars)
  3. CC generates and runs a bash command using parameter expansion to check the variable
  4. The expansion logic causes the full key value to print in the conversation output
  5. CC itself flagged the leak after the fact, but the key was already exposed in the session

Claude Model

Opus

Is this a regression?

I don't know

Last Working Version

_No response_

Claude Code Version

2.1.150

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

iTerm2

Additional Information

This is a security concern in any setting where CC sessions are shared, logged, or screenshotted. The exposed credential was a live Anthropic API key that had to be rotated. GitHub Actions solves this same problem by automatically replacing secret values with *** in all log output.

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗