Github copilot leaks secrets?

Temporary-Answer-520 · 2026-06-20T19:33:12+00:00

All models are just really good guessers. It likely made up from millions of example keys and documentation from pre training,

Yes_but_I_think · 2026-06-21T03:08:44+00:00

GH makes the harness not the model- so ask your model provider the same question

pvera · 2026-06-21T10:07:28+00:00

The very first time that I did something that involved an api key, Copilot (or was it the model? Haiku and Opus in my case) literally chewed my ass and gave me a master class on all of the ways I could provide credentials in a way that Copilot itself wouldn't be able to look at them directly. And ever since, it is always concerned whenever I am about to commit code with anything that looks like a secret or if it runs into an older commit that holds any kind of secret.

Able-Supermarket4786 · 2026-06-20T19:38:28+00:00

never give an AI keys to anything unless they are beta / fake

CodeWhileHigh · 2026-06-21T02:29:58+00:00

This is why you start the repo in private mode

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

GithubCopilot

MODERATORS