
Audit log credential redaction #2

Merged
mabry1985 merged 1 commit into dev from feature/audit-log-credential-redaction
Apr 19, 2026
@mabry1985 mabry1985 commented Apr 19, 2026

Summary

Redact credentials from audit.jsonl entries and Langfuse spans.

Problem

audit.py captures tool call args and results verbatim. Hermes Agent v0.4 had a bug where browser credentials leaked into Telegram chat via progress output — same class of bug. protoAgent's AuditMiddleware serializes arbitrary tool I/O; if a tool returns an API key in its payload it lands in audit.jsonl and in the Langfuse trace.

Approach

  • Add graph/middleware/redaction.py with a redact() helper
  • Patterns:...

Recovered automatically by Automaker post-agent hook

Summary by CodeRabbit

Release Notes

  • New Features

    • Sensitive credentials, including API keys, bearer tokens, and environment variables, are now automatically redacted from audit logs and observability traces.
  • Tests

    • Added comprehensive tests validating credential redaction across logging and tracing flows, synchronous and asynchronous paths, and exception scenarios.
    • Added utility to verify audit logs remain free of unredacted credentials.

@mabry1985 mabry1985 merged commit b89e30f into dev Apr 19, 2026
1 check was pending
coderabbitai Bot commented Apr 19, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 22b71e54-8239-4829-860e-5c12bc124885

📥 Commits

Reviewing files that changed from the base of the PR and between a19fb06 and 4d30033.

📒 Files selected for processing (8)
  • .automaker-lock
  • graph/middleware/audit.py
  • graph/middleware/redaction.py
  • tests/middleware/__init__.py
  • tests/middleware/test_audit_redaction_integration.py
  • tests/middleware/test_redaction.py
  • tests/utils/__init__.py
  • tests/utils/check_audit_clean.py

Walkthrough

This PR adds a credential redaction system to the middleware layer. A new redaction module detects and replaces sensitive data (API keys, bearer tokens, environment variables) with [REDACTED] placeholders in audit logs and tracing output. The audit middleware is updated to apply redaction before logging and tracing tool calls. Comprehensive tests and a utility script validate the redaction behavior.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Credential Redaction Core: graph/middleware/redaction.py | New module implementing recursive credential redaction using precompiled regex patterns to sanitize strings, dictionaries, and nested structures. Detects bearer tokens, API keys, and environment-variable assignments with configurable recursion depth limit. |
| Middleware Integration: graph/middleware/audit.py | Updated to import and apply redact() before logging/tracing tool calls. Redacts args in both sync and async paths, tool content for result summaries, and exception text in failure cases. |
| Redaction Testing: tests/middleware/test_redaction.py, tests/middleware/test_audit_redaction_integration.py | New unit and integration test suites validating redaction patterns (bearer tokens, OpenAI keys, generic API keys, env-var assignments) across scalar strings, nested structures, and Langfuse-like payloads; verify non-mutation, JSON serializability, and false-positive avoidance. |
| Audit Verification Utility: tests/utils/check_audit_clean.py | New CLI script scanning JSONL audit logs for unredacted credential patterns. Reports violations by line number, pattern matched, and excerpt context; returns appropriate exit codes for CI/CD integration. |
| Configuration: .automaker-lock | Updated featureId and startedAt fields to reflect current feature context. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes


@mabry1985 mabry1985 mentioned this pull request Apr 19, 2026
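
The behaviour described in the walkthrough above (recursive, depth-limited, non-mutating redaction to [REDACTED] before an entry is logged or traced), as an added sketch. It is not the PR's graph/middleware/redaction.py: the regex patterns, the sensitive-key check and the fail-closed depth handling are assumptions, because the page does not show the module's own.

```python
import re
from typing import Any

PLACEHOLDER = "[REDACTED]"

# Assumed patterns: the PR's own pattern list is not shown on the page.
_PATTERNS = [
    # "Bearer <token>": keep the scheme, drop the token.
    (re.compile(r"(?i)\b(bearer\s+)[A-Za-z0-9._~+/-]{8,}=*"), r"\1" + PLACEHOLDER),
    # OpenAI-style secret keys.
    (re.compile(r"\bsk-[A-Za-z0-9_-]{16,}"), PLACEHOLDER),
    # NAME=value assignments whose NAME ends in a secret-looking suffix.
    (re.compile(r"\b([A-Z][A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD)=)\S+"), r"\1" + PLACEHOLDER),
]
# Assumed extra check: dict keys whose name alone marks the value as secret.
_SENSITIVE_KEY = re.compile(r"(?i)api[_-]?key|token|secret|password|authorization")


def redact(value: Any, max_depth: int = 8, _depth: int = 0) -> Any:
    """Return a redacted, JSON-serializable copy; the input is never mutated."""
    if _depth > max_depth:
        return PLACEHOLDER  # fail closed on data nested deeper than we inspect
    if isinstance(value, str):
        for pattern, repl in _PATTERNS:
            value = pattern.sub(repl, value)
        return value
    if isinstance(value, dict):
        return {
            str(k): PLACEHOLDER
            if _SENSITIVE_KEY.search(str(k)) and isinstance(v, (str, bytes))
            else redact(v, max_depth, _depth + 1)
            for k, v in value.items()
        }
    if isinstance(value, (list, tuple, set)):
        return [redact(v, max_depth, _depth + 1) for v in value]
    if value is None or isinstance(value, (bool, int, float)):
        return value
    # Exceptions, bytes and other objects: redact their text form.
    return redact(str(value), max_depth, _depth)


# Constructed sample of an audit entry (not real credentials).
SAMPLE = {
    "tool": "http_get",
    "args": {"url": "https://example.test/v1", "api_key": "constructed-value-123",
             "note": "sent Authorization: Bearer abcDEF123456ghiJKL"},
    "result": ["export OPENAI_API_KEY=sk-constructed0000000000000000", {"status": 200}],
}

if __name__ == "__main__":
    import json
    print(json.dumps(redact(SAMPLE), indent=2))
```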