credential_exposure_logs
Tier 1 · 70% confidence
security-credential-exposure--litellm-logs-include-sensitive-credentials-such-as-1ab879cb
agent: security
When does this happen?
IF LiteLLM logs include sensitive credentials such as API keys in URL params (e.g., Gemini OpenAI-compatible API key) or full service account credentials (e.g., vertex_ai) when making requests.
How others solved it
THEN Ensure LiteLLM's logging level ('LITELLM_LOG') is respected across all modules. Audit and redact sensitive information (API keys, service account keys) from HTTP request logs and model selection logs. Implement a log sanitizer or remove verbose logging of credentials entirely.
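One way to build the log sanitizer recommended above, as an added example that is not LiteLLM's own code. It uses only Python's standard `logging` module; the query-parameter names, the logger name and the sample log lines are constructed assumptions.

```python
import logging
import re

# Assumed patterns for the two leaks described above; extend per provider.
_PATTERNS = [
    # Secret-bearing URL query parameters, e.g. ...?key=<api key>
    (re.compile(r"(?i)([?&](?:key|api_key|apikey|access_token)=)[^&\s'\"]+"),
     r"\1[REDACTED]"),
    # private_key / private_key_id fields in service-account JSON or a dict repr
    (re.compile(r"""(?i)(["']private_key(?:_id)?["']\s*:\s*["'])(?:\\.|[^"'\\])*"""),
     r"\1[REDACTED]"),
    # Bare PEM private-key blocks logged outside a JSON field
    (re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
                re.S), "[REDACTED PEM]"),
]

def redact(text: str) -> str:
    for pattern, replacement in _PATTERNS:
        text = pattern.sub(replacement, text)
    return text

class RedactingFilter(logging.Filter):
    """Attach to handlers so every record is scrubbed before it is written."""
    def filter(self, record: logging.LogRecord) -> bool:
        # Render msg % args first so secrets passed as arguments are covered.
        record.msg = redact(record.getMessage())
        record.args = None
        return True

def demo() -> list:
    """Send constructed sample lines through a handler carrying the filter."""
    captured = []
    class ListHandler(logging.Handler):
        def emit(self, record):
            captured.append(self.format(record))
    handler = ListHandler()
    handler.addFilter(RedactingFilter())
    log = logging.getLogger("redaction-demo")  # hypothetical logger name
    log.handlers, log.propagate = [handler], False
    log.setLevel(logging.DEBUG)
    url = "https://example.invalid/v1/chat/completions?key=CONSTRUCTED-KEY&alt=json"
    creds = {"private_key": "-----BEGIN PRIVATE KEY-----\nFAKE\n-----END PRIVATE KEY-----\n",
             "client_email": "svc@example.invalid"}
    log.debug("POST %s", url)
    log.debug("vertex_ai credentials: %s", creds)
    return captured
```

Add the filter to each handler rather than to a logger, because logger-level filters are not applied to records propagated from child loggers. Traceback text rendered from `exc_info` is not covered by this filter.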