Skip to content

[Security] Logging Captures Sensitive LLM Outputs - Data Leak #1982

Description

@anshul23102

Description

Debug logs capture full LLM outputs including potentially sensitive data. Logs exposed to unauthorized users.

Expected Behavior

Don't log LLM outputs. Or hash/redact sensitive parts.

Actual Behavior

File: src/logging/logger.py
Logs everything: logger.debug(f"LLM output: {output}")

GSSoC Points Estimate: Level 2 (Security)

Suggested Labels

  • gssoc:approved
  • type:bug
  • severity:high
  • area:security

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions