In [3]:
# 🔒 Security Check: Ensure API Keys are Protected
import subprocess

import os

print("🔒 API Key Security Check")
print("=" * 50)

# Check if .env files are properly ignored by git
def check_gitignore():
    try:
        # Check if .env is ignored
        result = subprocess.run(['git', 'check-ignore', 'Anthropic/.env'], 
                              capture_output=True, text=True, cwd='/Users/geekoder/VSCodeProjects/llm')
        if result.returncode == 0:
            print("✅ .env file is properly ignored by Git")
            return True
        else:
            print("❌ WARNING: .env file might NOT be ignored by Git!")
            return False
    except Exception as e:
        print(f"❌ Error checking git ignore: {e}")
        return False

# Check what files would be committed
def check_git_status():
    try:
        result = subprocess.run(['git', 'status', '--porcelain'], 
                              capture_output=True, text=True, cwd='/Users/geekoder/VSCodeProjects/llm')
        if result.stdout.strip():
            print("\n📋 Files that would be committed:")
            for line in result.stdout.strip().split('\n'):
                if '.env' in line:
                    print(f"   ❌ DANGER: {line}")
                else:
                    print(f"   ✅ {line}")
        else:
            print("\n✅ No files staged for commit")
        return result.stdout
    except Exception as e:
        print(f"❌ Error checking git status: {e}")
        return ""

# Check if API key is loaded from environment (not hardcoded)
def check_api_key_source():
    if 'Anthropic_API_Key' in globals():
        # Check if it looks like it came from environment
        key_value = globals()['Anthropic_API_Key']
        if key_value and len(key_value) > 10:
            print("✅ API key is loaded (from environment)")
            print(f"   Key starts with: {key_value[:10]}...")
            return True
        else:
            print("❌ API key not properly loaded")
            return False
    else:
        print("❌ API key variable not found")
        return False

# Run all checks
print("1. Checking .gitignore protection:")
gitignore_ok = check_gitignore()

print("\n2. Checking git status:")
git_status = check_git_status()

print("\n3. Checking API key source:")
api_key_ok = check_api_key_source()

print("\n" + "=" * 50)
if gitignore_ok and not ('.env' in git_status) and api_key_ok:
    print("🎉 ALL CHECKS PASSED - Safe to push!")
else:
    print("⚠️  SECURITY WARNINGS DETECTED - Review before pushing!")

🔒 API Key Security Check
1. Checking .gitignore protection:
✅ .env file is properly ignored by Git

2. Checking git status:

📋 Files that would be committed:
   ✅ ?? Anthropic/SecurityCheck.ipynb

3. Checking API key source:
❌ API key variable not found

