logoalt Hacker News

spurgelaurelsyesterday at 5:27 PM5 repliesview on HN

Fun game, but it showed the lack of security hygiene employed by the game writer. It said `cat ~/.zshrc` was bad because it would share tokens and secrets, but I would never put secrets into my shell rc.

Replies

londons_exploreyesterday at 5:50 PM

Plenty of people would. But then I guess they're in env and probably already available to Claude

shlewistoday at 4:24 AM

I don't do this myself, but I can also see how many would do this.

arowthwaytoday at 7:05 AM

Also, there's nothing inherently insecure about feeding secrets to an LLM, it's only one element of the lethal trifecta.

otabdeveloper4today at 7:17 AM

Having "tokens and secrets" at all is a lack of security hygiene.

nish__yesterday at 5:50 PM

Where would you put them?

show 6 replies