
Secrets in Prompt Scanner

Scan prompts, logs, configs, and agent context locally for tokens, API keys, JWTs, private URLs, and risky credentials before sharing them with AI tools.


Scans locally in your browser. Findings are heuristic; still review sensitive text manually before sharing it with an AI tool.

Status: High risk
Findings: 4
High severity: 3
Medium severity: 1
OpenAI-style API key (HIGH) · line 2, column 16. AI provider API keys can create billable usage and should be rotated if shared.
Bearer token (HIGH) · line 3, column 16. Authorization bearer values often grant API access and should not be pasted into AI prompts.
JWT (HIGH) · line 4, column 6. JWTs can contain live access or identity claims. Decode safely, then revoke exposed tokens if needed.
Private or local URL (MEDIUM) · line 5, column 15. Internal URLs can reveal private infrastructure, admin paths, hostnames, ports, or local services.

How to use this tool

Paste the prompt, log, config snippet, stack trace, or agent context you plan to share with an AI tool.

Review detected tokens, API keys, JWTs, private URLs, and suspicious secret assignments.

Copy the redacted version and manually check anything sensitive before sending it to an assistant or automation agent.

Why prompt secret scanning matters

AI prompts often contain debugging logs, environment snippets, curl commands, CI output, or copied application configs.

Those fragments can accidentally include API keys, bearer tokens, JWTs, basic-auth URLs, private hostnames, and internal admin paths.

Scanning locally before sharing context helps reduce the chance of leaking live credentials into chat history, agent traces, ticket comments, or vendor systems.

What this scanner looks for

The scanner checks for common credential patterns such as private key blocks, JWTs, GitHub-style tokens, OpenAI-style API keys, Slack tokens, bearer headers, secret assignments, and private network URLs.

It does not send the text to a server or use an external AI model. Matching happens in your browser with deterministic rules.

The finding list avoids printing the full secret again; use the redacted copy when preparing safe context.
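The following is an added example, not Lumio's code, of how a scanner of this kind can work: deterministic regex rules, overlap resolution so one secret is reported once, line/column findings that never echo the full value, and a redacted copy. The rule set, labels, and the sample input are constructed for illustration and are not the tool's actual rules.

```javascript
// Added illustration (not Lumio's implementation): deterministic local secret scan.
// Rule set, labels and severities are assumptions chosen to mirror the page's finding list.
const RULES = [
  { label: "Private key block", severity: "HIGH", re: /-----BEGIN [A-Z ]*PRIVATE KEY-----/g },
  { label: "JWT", severity: "HIGH", re: /\beyJ[\w-]{5,}\.[\w-]{5,}\.[\w-]{5,}\b/g },
  { label: "GitHub-style token", severity: "HIGH", re: /\bghp_[A-Za-z0-9]{20,}\b/g },
  { label: "OpenAI-style API key", severity: "HIGH", re: /\bsk-[\w-]{20,}\b/g },
  { label: "Bearer token", severity: "HIGH", re: /\bBearer\s+[\w.~+/=-]{16,}/g },
  { label: "Secret assignment", severity: "MEDIUM", re: /(?:api[_-]?key|secret|password|token)\s*[=:]\s*["']?[^\s"']{8,}/gi },
  { label: "Private or local URL", severity: "MEDIUM", re: /\bhttps?:\/\/(?:localhost|127\.\d+\.\d+\.\d+|10\.\d+\.\d+\.\d+|192\.168\.\d+\.\d+|[a-z0-9.-]+\.(?:local|internal))(?::\d+)?[^\s"']*/gi },
];
const SEVERITY_RANK = { HIGH: 0, MEDIUM: 1 };

function scanForSecrets(text) {
  const candidates = [];
  for (const rule of RULES) {
    for (const m of text.matchAll(rule.re)) candidates.push({ start: m.index, end: m.index + m[0].length, rule, value: m[0] });
  }
  // Overlaps are resolved once: higher severity first, then earliest start, then longest match.
  // So "Bearer ghp_..." is one Bearer-token finding and "API_KEY=sk-..." is an OpenAI-style key, not a generic assignment.
  candidates.sort((a, b) => SEVERITY_RANK[a.rule.severity] - SEVERITY_RANK[b.rule.severity]
    || a.start - b.start || b.end - a.end);
  const accepted = [];
  for (const c of candidates) {
    if (!accepted.some((a) => c.start < a.end && a.start < c.end)) accepted.push(c);
  }
  accepted.sort((a, b) => a.start - b.start);
  const findings = accepted.map((h) => ({
    label: h.rule.label, severity: h.rule.severity,
    line: text.slice(0, h.start).split("\n").length,                   // 1-based line
    column: h.start - (text.lastIndexOf("\n", h.start - 1) + 1) + 1,   // 1-based column
    preview: h.value.slice(0, 4) + "***",                              // never the full secret
  }));
  let redacted = text;
  for (const h of [...accepted].reverse()) {
    redacted = redacted.slice(0, h.start) + `[REDACTED: ${h.rule.label}]` + redacted.slice(h.end);
  }
  const status = findings.some((f) => f.severity === "HIGH") ? "High risk"
    : findings.length ? "Medium risk" : "No findings";
  return { status, findings, redacted };
}

// Constructed sample prompt; every value below is fake.
const SAMPLE = [
  "OPENAI_API_KEY=sk-constructedexamplekey0123456789abcdef",
  "Authorization: Bearer ghp_exampletokenvalue1234567890",
  "jwt: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJlX2V4YW1wbGU",
  "Check why the http://localhost:3000/admin returns 500.",
  "DB_PASSWORD=hunter2hunter2",
].join("\n");
```

Running `scanForSecrets(SAMPLE)` yields five findings with positions only, and a redacted copy in which the bearer line reads `Authorization: [REDACTED: Bearer token]`, the same shape as the page's example.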

Limitations and safe response

No browser scanner can prove text is safe. Some secrets are custom, short, encoded, split across lines, or hidden inside files that require project-specific knowledge.

False positives are possible when examples intentionally look like credentials.

If a real secret was already shared, rotate or revoke it instead of only deleting the prompt.

Examples

Prompt with a leaked token

Input
The API call fails with Authorization: Bearer ghp_exampletokenvalue1234567890
Output
The API call fails with Authorization: [REDACTED: Bearer token]

Internal URL before AI sharing

The scanner flags local and private URLs because they can expose internal service names, ports, and admin routes.

Input
Check why http://localhost:3000/admin returns 500 in this log.

FAQ

Does this upload my prompt or logs?

No. The scan runs locally in your browser and Lumio does not store prompt contents, secrets, logs, or redacted output for analytics.

Can this guarantee my prompt is safe?

No. It detects common patterns and risky signals, but you should still review sensitive context manually before sharing it with an AI tool.

What should I do if a real key is detected?

Remove it from the prompt, rotate or revoke the credential, and check whether it was already shared in chat history, tickets, logs, or automation traces.

Why are private URLs flagged?

Private URLs can reveal internal architecture, local admin paths, ports, or service names even when they are not credentials.