Ask HN: Do you sanitize secrets before pasting code into ChatGPT?

2•giovanella•1h ago

I use AI assistants (ChatGPT/Claude) heavily for debugging, but realized I'm constantly pasting code that contains API keys, database credentials, and customer emails.

I try to manually redact them but honestly forget half the time.

Questions: - Is this actually a security risk? - How do you handle this in your workflow? - Would you use a tool that auto-sanitizes your clipboard?

Trying to figure out if this is a real problem or just me being paranoid.

Comments

namegulf•1h ago

Rule of thumb: Do not enter anything that is proprietary into that prompt text box!

Yes that includes credentials.

minimaxir•1h ago

If you are using the free web interface, yes, it’s a security issue as inputs there are trained upon.

APIs, less so.

throw03172019•58m ago

Big risk. Especially if you have memory enabled or have not toggled off the “ok to train on my data” toggle.

NetworkPerson•57m ago

If you shared the chat at any point, it can be discovered by others. ChatGPT has also had at least one bug in the past where users were able to see the chats of others. So yeah, even if paid or over API, it’s not a good idea to trust it with sensitive information.

The chemical attack that forced the Northern line's extraordinary repair

Meta Execs Privately Compared Instagram to Addictive Drug, Court Filing Shows

After nearly 100 years, scientists may have detected dark matter

AI Agent that automates biotech experiments

Inside the DOGE Succession Drama Elon Musk Left Behind

CS234: Reinforcement Learning Winter 2025

Doge May Be Dead, but Its Crimes Live On

NJ company is allowed to import cocaine plants (2023)

Brand New Layouts with CSS Subgrid

Show HN: Tripnly Lisboa City Pass – 5 Days for 1€

What Now? Handling Errors in Large Systems

An Incomplete List of Eminent Psychologists of the Modern Era (2014)

I Got Working RCS Messaging

Secrets in unlisted GitHub gists are now reported to secret scanning partners

Mass Surveillance Is Powering a New Era of Pretextual Traffic Stops

Ask HN: How does one move from BigTech to more fullfilling places?

Looking to build muscle? Lose weight? Need more protein, right? Probably not

Tell HN: Karpathy's MinGPT Works on Windows and AMD (Ryzen Max)

Show HN: Parm – Install GitHub releases just like your favorite package manager

The gruesome new data on tech jobs

Brain changes observed during pregnancy (2024)

Learn to code music in the browser with strudel.cc (Free and open-source)

Dear Peter (Thiel)

Daily coffee drinking may slow bio aging of people with major mental illness

Unix man pages: AI-friendly documentation since 1971

Meta had a 17-strike policy for sex trafficking, former safety leader claims

SF home invasion targets crypto of Physical Intelligence co-founder Lachy Groom

Show HN: I Figured It Out

Show HN: Kubently – Debug Kubernetes Clusters Agentically

Show HN: I built a running coach that reacts to your training performance