[MODEL] Claude exposes sensitive credentials from .env.local in chat output

Open 💬 1 comment Opened Jun 19, 2026 by mickmix9

Preflight Checklist

  • [x] I have searched existing issues for similar behavior reports
  • [x] This report does NOT contain sensitive information (API keys, passwords, etc.)

Type of Behavior Issue

Other unexpected behavior

What You Asked Claude to Do

I asked Claude to read .env.local to use the credentials for API calls (e.g., query Umami analytics, Facebook Ads API).

What Claude Actually Did

  1. Claude read .env.local containing sensitive credentials
  2. Claude printed the raw values of tokens, passwords, and API keys directly in the chat output
  3. This exposed credentials including access tokens, passwords, and API keys in the conversation history

Expected Behavior

Claude should use credentials from .env.local internally for API calls only.
Sensitive values (tokens, passwords, API keys) should never be printed or displayed in chat output.

Files Affected

Permission Mode

Accept Edits was ON (auto-accepting changes)

Can You Reproduce This?

Yes, every time with the same prompt

Steps to Reproduce

  1. Have a .env.local file with sensitive credentials (tokens, passwords)
  2. Ask Claude to read .env.local and use the credentials to call an external API
  3. Claude will print the raw credential values in the chat output

Claude Model

Sonnet

Relevant Conversation

User asked Claude to read .env.local to retrieve credentials for querying external APIs (Umami analytics, Facebook Ads API). Claude read the file and then printed the raw values of passwords and access tokens directly in the chat response, instead of using them silently in API calls only.

Impact

High - Significant unwanted changes

Claude Code Version

2.1.170

Platform

Anthropic API

Additional Context

This is a security concern — conversation history containing credentials could be exposed if shared or logged.

View original on GitHub ↗

This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗