Proposal: Shell environment credential leak auditor

[jinguanghai]

Problem

OpenCode's shell tool inherits the user's full environment, including API keys, tokens, and credentials. These can be accidentally leaked in logs, tool outputs, or error messages.

Proposed Solution

Add an optional shellAudit() function that detects and redacts 8 types of credential patterns from the shell environment before execution.

Evidence

• Implementation: ~40 lines TypeScript
• Tests: 6 cases covering all 8 patterns + 2 edge cases
• Zero breaking changes, zero new dependencies
• Tested on dev branch

Checklist

• Not a duplicate
• Read contributing guidelines

[github-actions]

This issue doesn't fully meet our contributing guidelines.

What needs to be fixed:

• Feature request titles must start with [FEATURE]: (current title: "Proposal: Shell environment credential leak auditor")
• Please use the Feature Request issue template, which includes the required verification checkbox and description fields

Please edit this issue to address the above within 2 hours, or it will be automatically closed.

---

This issue might be a duplicate of existing issues. Please check:

• Feature Request: Zero-Trust Architecture for Environment Variable Security #4961: Zero-Trust Architecture for Environment Variable Security — proposes client-side secret detection and redaction to prevent credentials from being transmitted to LLM providers
• [FEATURE] Pre/post API call hooks in Provider interface for secret redaction and exfiltration prevention #19425: Pre/post API call hooks for secret redaction and exfiltration prevention — proposes API-level hooks to redact sensitive data before it leaves the machine

If you believe this was flagged incorrectly, please let a maintainer know.

[github-actions]

This issue has been automatically closed because it was not updated to meet our contributing guidelines within the 2-hour window.

Feel free to open a new issue that follows our issue templates.