john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/SECURITY_INCIDENT_HUMAN_ACTIONS_REQUIRED.md
TheFlow af58ce01b6 fix(security): comprehensive security incident response for API key exposure 
INCIDENT SUMMARY:
- Date: 2025-10-21
- Severity: CRITICAL → MEDIUM (credential revoked before exploitation)
- Exposed: Anthropic API key (ID 5043627, name: family-history-ocr)
- Location: docs/STRIPE_LIVE_MODE_DEPLOYMENT.md (commit 31345d5c)
- Detection: GitHub secret scanning (automatic)
- Revocation: Anthropic (automatic, within hours)
- Financial Impact: $0 (no unauthorized usage)

ROOT CAUSE - 5 FAILURE POINTS:
1. No credential redaction in documentation (PREVENTION)
2. Framework fade - BoundaryEnforcer not used (ENFORCEMENT)
3. No pre-commit secret detection (DETECTION)
4. No credential audit in pre-deployment checklist (MITIGATION)
5. Single-layer security model, not defense-in-depth (ARCHITECTURAL)

NEW GOVERNANCE RULES:
- inst_069: Credential Handling in Documentation (SYSTEM, HIGH, PERMANENT)
  - Requires ALL credentials redacted with example-only values
  - Patterns: sk-ant-api03-EXAMPLE-REDACTED, sk_live_EXAMPLE_REDACTED
  - Mandatory secret detection scan before commits

- inst_070: Pre-Commit Secret Detection (SYSTEM, HIGH, PERMANENT)
  - Requires gitleaks or detect-secrets as pre-commit hook
  - BLOCKS commits containing secrets
  - False positives require user approval + documentation

- inst_071: Enhanced Pre-Deployment Checklist (OPERATIONAL, HIGH, PERMANENT)
  - Replaces inst_054 with 8 steps including secret detection
  - Step 2: gitleaks detect --source .
  - Step 3: Credential audit (grep for sk-, pk-, secret, password)
  - Step 8: Public repository content review

- inst_072: Assume Breach - Defense in Depth (STRATEGIC, HIGH, PERMANENT)
  - Layer 1 - Prevention: Never commit credentials
  - Layer 2 - Mitigation: Redact credentials in docs
  - Layer 3 - Detection: Pre-commit secret scanning (automated)
  - Layer 4 - Backstop: GitHub secret scanning
  - Layer 5 - Recovery: Credential rotation procedures

DOCUMENTATION:
- SECURITY_INCIDENT_POST_MORTEM_2025-10-21.md (comprehensive analysis)
- SECURITY_INCIDENT_HUMAN_ACTIONS_REQUIRED.md (15-step action plan)
- scripts/install-gitleaks-hook.sh (automated installation)
- scripts/add-security-rules-2025-10-21.js (rules migration)

ADDITIONAL FINDINGS:
Comprehensive credential scan revealed additional exposed credentials in
internal repository (not public):
- Same Anthropic key in .env file
- Same key in internal docs/STRIPE_LIVE_MODE_DEPLOYMENT.md
- Stripe test keys in .env
- JWT production secret in .env

HUMAN ACTIONS REQUIRED:
1. Rotate Anthropic API key (CRITICAL)
2. Rotate JWT secret (CRITICAL)
3. Remove credentials from internal repository files
4. Install gitleaks pre-commit hook
5. Decide on git history cleanup (Option A/B/C)

VERSION UPDATE:
- instruction-history.json: 3.6 → 3.7
- Total rules: 68 → 72
- Active rules: 56 → 59

🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-22 00:31:30 +13:00

15 KiB
Raw Blame History

SECURITY INCIDENT - HUMAN ACTIONS REQUIRED

Date: 2025-10-21 Incident: Anthropic API Key Exposure + Additional Credentials Found Severity: CRITICAL Status: IMMEDIATE ACTION REQUIRED

EXECUTIVE SUMMARY

What Happened:

  1. Anthropic API key exposed in public GitHub repository (tractatus-framework)
  2. Key automatically revoked by Anthropic (good - their secret scanning worked)
  3. Comprehensive scan revealed ADDITIONAL exposed credentials in internal repository

Credentials Found:

  1. Anthropic API key (REVOKED by Anthropic)
  2. SAME Anthropic key STILL in .env file (internal repo)
  3. SAME Anthropic key STILL in docs/STRIPE_LIVE_MODE_DEPLOYMENT.md (internal repo)
  4. Stripe TEST keys in .env (low risk, but still credentials)
  5. JWT secret in .env (production secret)

Your Action: Follow checklist below IMMEDIATELY

CRITICAL - IMMEDIATE ACTIONS (Next 30 Minutes)

1. Rotate Anthropic API Key HIGHEST PRIORITY

Why: Same key that was exposed publicly is STILL in internal repository

Actions:

  1. Login to Anthropic Console: https://platform.claude.com/settings/keys
  2. Verify key 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 is revoked
    • Key ID: 5043627
    • Key Name: family-history-ocr
    • Status should show: REVOKED
  3. Create NEW API key:
    • Name: tractatus-production-2025-10-21 (or similar)
    • Description: "Replaces compromised key family-history-ocr"
    • Copy new key (starts with sk-ant-api03-)
  4. Update .env file: 
    # Open .env file
nano /home/theflow/projects/tractatus/.env

# Replace OLD key with NEW key:
# OLD: CLAUDE_API_KEY=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
# NEW: CLAUDE_API_KEY=sk-ant-api03-YOUR_NEW_KEY_HERE

# Save and exit (Ctrl+X, Y, Enter)
  5. Test new key: 
    curl https://api.anthropic.com/v1/messages \
  --header "x-api-key: sk-ant-api03-YOUR_NEW_KEY_HERE" \
  --header "anthropic-version: 2023-06-01" \
  --header "content-type: application/json" \
  --data '{"model": "claude-sonnet-4-5-20250929", "max_tokens": 10, "messages": [{"role": "user", "content": "test"}]}'

# Should return valid response (not 401 error)

Verification: New key works, old key definitely revoked

2. Remove Exposed Key from Documentation CRITICAL

Why: docs/STRIPE_LIVE_MODE_DEPLOYMENT.md contains the SAME exposed key

Actions:

# Edit the file
nano /home/theflow/projects/tractatus/docs/STRIPE_LIVE_MODE_DEPLOYMENT.md

# Find line with: CLAUDE_API_KEY=sk-ant-api03-_xmqWkax8jx...
# Replace with: CLAUDE_API_KEY=sk-ant-api03-EXAMPLE-REDACTED-NEVER-USE

# Save and exit

Alternative (automated):

sed -i 's/CLAUDE_API_KEY=sk-ant-api03-[a-zA-Z0-9_-]*/CLAUDE_API_KEY=sk-ant-api03-EXAMPLE-REDACTED-NEVER-USE/g' docs/STRIPE_LIVE_MODE_DEPLOYMENT.md

Verification: No real API keys in documentation

3. Rotate JWT Secret HIGH PRIORITY

Why: JWT secret in .env is production credential used for authentication

Current Secret (EXPOSED):

d4d9b5ac258123dbab38abf5ca7cd6274e2247d247a5a4fc18a031853cb332ec9d661f2cdb6aac7288bfffdcfb69b7c34cef84d342c139e69064941a8525f4c5

Actions:

  1. Generate new JWT secret: 
    # Generate secure random secret (64 bytes hex)
openssl rand -hex 64

# Copy the output
  2. Update .env: 
    nano .env

# Replace:
# OLD: JWT_SECRET=d4d9b5ac258123db...
# NEW: JWT_SECRET=<paste_new_secret_here>

# Save and exit
  3. IMPORTANT: This will invalidate ALL existing JWT tokens
    • All users will need to re-login
    • Any admin sessions will be terminated
    • This is CORRECT behavior (invalidates potentially compromised sessions)

Verification: Server starts successfully with new JWT secret

4. Rotate Stripe Keys (OPTIONAL - Low Risk) ⚠️ MEDIUM PRIORITY

Why: Stripe TEST keys found in .env (not live keys, low financial risk)

Current Keys (TEST mode):

  • Secret: sk_test_51RX67kGhfAwOYBrf2yU9XCbjkJERKuYhvreL5bFOV7Rr2qdDlHbVRobZ7bz7bC7ZR89q2aI4fX6rubqTl7iH2Y3U001FPAsNxr
  • Publishable: pk_test_51RX67kGhfAwOYBrfbow71FlMSRR2fZlWysLV5w9oV0ylCFf5nLL4Aoin2SWBnmgnkBv6pusOlfxctt9kRBKHOjWC00XGag29RO

Risk Assessment:

  • These are TEST keys (sk_test_, pk_test_)
  • No real money can be charged
  • Still best practice to rotate

Actions (if you want to rotate):

  1. Login to Stripe Dashboard: https://dashboard.stripe.com/test/apikeys
  2. Roll secret key (this creates new key and invalidates old)
  3. Copy new keys
  4. Update .env: 
    STRIPE_SECRET_KEY=sk_test_YOUR_NEW_SECRET_KEY
STRIPE_PUBLISHABLE_KEY=pk_test_YOUR_NEW_PUBLISHABLE_KEY

Decision: Your call - test keys have low risk, but rotation is prudent

SECONDARY ACTIONS (Next 1-2 Hours)

5. Install Gitleaks (Secret Detection Tool)

Why: Prevents future credential exposure with automated pre-commit scanning

Installation (Linux):

# Download gitleaks
wget https://github.com/gitleaks/gitleaks/releases/download/v8.18.1/gitleaks_8.18.1_linux_x64.tar.gz

# Extract
tar -xzf gitleaks_8.18.1_linux_x64.tar.gz

# Move to /usr/local/bin
sudo mv gitleaks /usr/local/bin/

# Verify installation
gitleaks version

Installation (Mac - if applicable):

brew install gitleaks

Test:

# Scan repository
cd /home/theflow/projects/tractatus
gitleaks detect --source . --verbose

# Should detect credentials in .env, docs/STRIPE_LIVE_MODE_DEPLOYMENT.md

6. Create Git Pre-Commit Hook

Why: Blocks commits containing secrets BEFORE they reach git history

Actions:

# Navigate to repository
cd /home/theflow/projects/tractatus

# Create pre-commit hook
cat > .git/hooks/pre-commit << 'EOF'
#!/bin/bash

echo "🔍 Running secret detection scan..."
gitleaks detect --source . --verbose --no-git

if [ $? -ne 0 ]; then
  echo ""
  echo "❌ SECRETS DETECTED - Commit blocked"
  echo ""
  echo "If this is a false positive:"
  echo "  1. Verify it's NOT a real secret"
  echo "  2. Add to .gitleaksignore with explanation"
  echo "  3. Get user approval"
  echo "  4. Try committing again"
  echo ""
  exit 1
fi

echo "✅ No secrets detected - proceeding with commit"
exit 0
EOF

# Make executable
chmod +x .git/hooks/pre-commit

# Test
echo "test-secret=sk-ant-api03-test" > test-file.txt
git add test-file.txt
git commit -m "test"  # Should BLOCK with secret detection error
rm test-file.txt
git reset HEAD test-file.txt

Verification: Committing a file with API key pattern is BLOCKED

7. Add .env to .gitignore (If Not Already)

Why: Ensures .env never accidentally committed

Actions:

# Check if .env in .gitignore
grep "^\.env$" .gitignore

# If not found, add it:
echo ".env" >> .gitignore

# Verify
cat .gitignore | grep "\.env"

Verification: .env appears in .gitignore

8. Remove docs/STRIPE_LIVE_MODE_DEPLOYMENT.md from Public Repository

Why: This file was exposed in public repo at commit 31345d5c1abc8c8da9387d55494a1741f451f9a7

Decision Required:

Option A: Delete file from git history (RECOMMENDED)

  • Pros: Removes credential from git history
  • Cons: Force push required, breaks forks
  • Tool: BFG Repo-Cleaner

Option B: Accept file in history, rely on key revocation

  • Pros: No repository disruption
  • Cons: Credential remains in git history (already revoked)
  • Action: None needed

Option C: Delete public repository and recreate

  • Pros: Complete removal
  • Cons: Loses stars, discussions, community engagement

Recommendation: Option B (accept in history) since:

  1. Key already revoked by Anthropic
  2. Public repo is tractatus-framework (implementation only)
  3. No active community yet (early stage)
  4. Low risk of exploitation (key revoked)

If you choose Option A (remove from history):

# Install BFG Repo-Cleaner
wget https://repo1.maven.org/maven2/com/madgag/bfg/1.14.0/bfg-1.14.0.jar
java -jar bfg-1.14.0.jar --delete-files STRIPE_LIVE_MODE_DEPLOYMENT.md /path/to/tractatus-framework

# Follow BFG instructions to git reflog expire and force push

Your Decision: Which option?

9. Review All .env Files Across All Projects

Why: If one project exposed credentials, others might too

Projects to Check:

  1. /home/theflow/projects/tractatus (DONE - issues found)
  2. /home/theflow/projects/family-history (CHECK THIS)
  3. /home/theflow/projects/sydigital (CHECK THIS)
  4. Any other projects

Actions for Each Project:

# Navigate to project
cd /home/theflow/projects/PROJECTNAME

# Check .env exists
ls -la .env

# Scan for credentials
gitleaks detect --source . --verbose

# Check if .env in git history (BAD if true)
git log --all --full-history -- .env

Verification: No .env files in git history across any project

MONITORING & VERIFICATION (Next 24-48 Hours)

10. Monitor Anthropic API Usage

Why: Detect unauthorized usage of compromised key (before revocation)

Actions:

  1. Login to Anthropic Console: https://platform.claude.com/settings/usage
  2. Review API usage for past 24 hours
  3. Look for:
    • Unusual volume spikes
    • Geographic anomalies (API calls from unexpected regions)
    • Unknown application names
    • Timestamp gaps (usage when you weren't working)

Red Flags:

  • API calls from non-Europe/non-Australia IPs (if you're only in those regions)
  • Calls during hours you weren't working (e.g., 2-6 AM your timezone)
  • Sudden spike in usage
  • Unfamiliar model names or endpoints

Action if Suspicious: Contact Anthropic support immediately

11. Monitor Stripe Dashboard

Why: Detect unauthorized test transactions (low risk with test keys)

Actions:

  1. Login to Stripe Dashboard: https://dashboard.stripe.com/test/payments
  2. Review test transactions for past 7 days
  3. Look for unexpected test charges

Note: Test keys cannot charge real money, so financial risk is zero

12. Review Git Log for Other Credential Exposures

Why: May have committed other secrets in past

Actions:

cd /home/theflow/projects/tractatus

# Scan entire git history for secrets
gitleaks detect --source . --log-opts="--all" --verbose --report-path=/tmp/gitleaks-report.json

# Review report
cat /tmp/gitleaks-report.json | jq '.'

# Or use grep for common patterns
git log -p --all | grep -E "sk-|pk-|api.?key|secret|password" | head -50

Action if Found: Rotate those credentials too

POST-INCIDENT IMPROVEMENTS

13. Update SECURITY.md in Public Repository

Why: Transparency and incident disclosure

Actions:

  1. Add incident to Security Audit History table
  2. Document response (key revocation, rotation procedures)
  3. Update best practices based on learnings

Draft Entry:

| Date | Type | Severity | Status | Details |
|------|------|----------|--------|---------|
| 2025-10-21 | Credential Exposure | CRITICAL | Resolved | Anthropic API key exposed in docs/STRIPE_LIVE_MODE_DEPLOYMENT.md at commit 31345d5c1a. Key automatically revoked by Anthropic via GitHub secret scanning. All credentials rotated. Pre-commit secret detection implemented. |

14. Document Incident in Internal Post-Mortem

File: docs/security/INCIDENT_2025-10-21_API_KEY_EXPOSURE.md

Sections:

  1. Timeline
  2. Root cause
  3. Impact assessment
  4. Response actions
  5. Preventive measures
  6. Lessons learned

Claude will create this - see SECURITY_INCIDENT_POST_MORTEM_2025-10-21.md

15. Review and Test Pre-Deployment Checklist

Why: Ensure inst_071 (new enhanced checklist) prevents recurrence

Actions:

  1. Review inst_071 checklist
  2. Practice running each step
  3. Identify any gaps
  4. Update checklist if needed

Checklist (from inst_071):

□ 1. CSP Compliance Check [AUTOMATED via hook]
□ 2. Secret Detection Scan (gitleaks detect --source .)
□ 3. Credential Audit (grep -r "sk-" "pk-" "secret" "password")
□ 4. Local Server Test (curl http://localhost:9000/health → 200 OK)
□ 5. Comprehensive Testing (npm test → all pass)
□ 6. Permission Verification (ls -la → correct 644/755)
□ 7. Git Status Clean (no uncommitted changes)
□ 8. Public Repository Content Review (no internal docs)

SUMMARY CHECKLIST

Use this to track completion:

CRITICAL (Do Now):

  • Rotate Anthropic API key (create new, update .env)
  • Remove exposed key from docs/STRIPE_LIVE_MODE_DEPLOYMENT.md
  • Rotate JWT secret (generate new, update .env)
  • Test application with new credentials

HIGH PRIORITY (Next 2 Hours):

  • Install gitleaks
  • Create pre-commit hook
  • Verify .env in .gitignore
  • Decide on public repo history (Option A/B/C)

MEDIUM PRIORITY (Next 24 Hours):

  • Rotate Stripe test keys (optional)
  • Review other projects (.env files)
  • Monitor Anthropic API usage
  • Monitor Stripe dashboard
  • Scan git history for other secrets

LOW PRIORITY (Next Week):

  • Update SECURITY.md
  • Review post-mortem
  • Test pre-deployment checklist
  • Schedule quarterly security audits

QUESTIONS & CLARIFICATIONS

Q: Why did this happen?

A: Multiple failures in credential handling:

  1. Real API key in documentation (should have been redacted example)
  2. No secret detection before commit (no pre-commit hook)
  3. No credential audit in cleanup checklist (inst_054 didn't include secret scan)
  4. Framework components not actively used (BoundaryEnforcer should have caught this)

Q: Was this malicious AI behavior?

A: NO. This was systematic failure in processes, not AI having "bad intent":

  • AI doesn't have intent (good or bad)
  • AI made mistakes that had catastrophic consequences
  • Framework existed but wasn't enforced (framework fade)
  • New rules (inst_069-072) prevent recurrence

Q: What's the financial impact?

A: MINIMAL (likely zero):

  • Anthropic key revoked immediately (GitHub secret scanning worked)
  • No evidence of unauthorized usage (monitor to confirm)
  • Stripe keys are TEST mode only (no real money)
  • JWT secret rotation invalidates sessions (security benefit)

Q: Will this happen again?

A: NOT if we follow new procedures:

  • inst_069: Mandatory credential redaction
  • inst_070: Pre-commit secret detection (automated)
  • inst_071: Enhanced deployment checklist (includes credential audit)
  • inst_072: Defense-in-depth (5 layers of protection)
  • Gitleaks hook: Blocks commits with secrets

Q: Should I be worried about other credentials?

A: YES - Audit recommended:

  • Review all projects for .env files
  • Scan git history with gitleaks
  • Rotate credentials found in scans
  • Implement secret detection across all projects

CONTACT & SUPPORT

Anthropic Support: https://support.anthropic.com Stripe Support: https://support.stripe.com GitHub Security: https://docs.github.com/en/code-security/secret-scanning

Internal: Review SECURITY_INCIDENT_POST_MORTEM_2025-10-21.md for full analysis

CREATED: 2025-10-21 by Claude Code (Automated Security Response) URGENCY: IMMEDIATE ACTION REQUIRED NEXT REVIEW: After completing CRITICAL section (next 30 minutes)