> For the complete documentation index, see [llms.txt](/llms.txt).
> Markdown versions of each page are available by appending .md to any URL.

# Prevent secrets from leaking

Use Warp Rules and built-in Secret Redaction to prevent API keys and credentials from leaking in agent output, demos, and shared sessions.

Learn how to safeguard credentials and sensitive data using Warp’s Secret Redaction and Rule system.

![Preventing secrets from leaking with Warp video](https://i.ytimg.com/vi/2ECPFKtQpVk/sddefault.jpg)

This tutorial shows how to use Warp’s **Rules** to prevent agents or collaborators from exposing sensitive information while coding or sharing output. Whether you’re pair-programming, streaming, or reviewing code, Warp can automatically redact secrets before they’re ever seen by an agent.

1.  #### The problem
    
    AI assistants often echo API keys, tokens, or credentials in generated code blocks.  
    When collaborating or screen-sharing, that can expose secrets publicly.
    
2.  #### The Rule setup
    
    Define a simple Rule in Warp that instructs the agent to **never display secrets** in outputs or commands.
    
    ```
    Rule: Protect SecretsBehavior:- Never include or reveal secrets when generating code or commands.- Automatically redact sensitive strings before showing output.
    ```
    
    Note
    
    Enable Warp’s built-in Secret Redaction:
    
    **Settings** > **Privacy** > **Secret redaction**
    
    This automatically masks sensitive values before the agent or output logs can access them.
    
3.  #### Benefits
    
    -   Protects API keys and credentials from exposure
    -   Keeps live streams and demos safe
    -   Works seamlessly with pair-programming or AI debugging