From fe49ed01d96ad872b61b1e9ecd265822ebda7843 Mon Sep 17 00:00:00 2001 From: rabbitblood Date: Sun, 26 Apr 2026 16:12:33 -0700 Subject: [PATCH 1/3] chore(ci): enroll in org-wide secret-scan reusable workflow (Molecule-AI/molecule-core#2109 rollout) --- .github/workflows/secret-scan.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/secret-scan.yml diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml new file mode 100644 index 0000000..856fdff --- /dev/null +++ b/.github/workflows/secret-scan.yml @@ -0,0 +1,22 @@ +name: Secret scan + +# Calls the canonical reusable workflow in molecule-core. Defense +# against the #2090-class leak (a hosted-agent commit slipping a +# credential-shaped string into a PR). Pattern set lives in +# molecule-core so we don't maintain a parallel copy here. +# +# Pinned to @staging because that's the active default branch on the +# upstream repo (main lags behind via the staging-promotion workflow). +# Updates ride along automatically as the upstream regex set evolves. + +on: + pull_request: + types: [opened, synchronize, reopened] + push: + branches: [main, staging] + merge_group: + types: [checks_requested] + +jobs: + secret-scan: + uses: Molecule-AI/molecule-core/.github/workflows/secret-scan.yml@staging From 017f846ce25fd57547e8b63b236ef4578677ce95 Mon Sep 17 00:00:00 2001 
From: rabbitblood Date: Sun, 26 Apr 2026 19:37:20 -0700 Subject: [PATCH 2/3] security(incident-log): redact full token values from F1088 incident report MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The INCIDENT_LOG.md F1088 entry documented three production credentials that leaked via molecule-core PR #1098 (commit d513a0c) and were then INCLUDED IN PLAINTEXT in the documentation itself — the incident report became a secondary leak surface. Status of the three tokens (per the report's own Blast Radius table): - MiniMax (sk-cp-...KVw): revoked / endpoint inactive - GitHub PAT (github_pat_...hsIJLIL): revoked, confirmed 401 - Admin token (HlgeMb8...ShARE=): treated as active, rotation pending Even revoked tokens add noise to security audits and are findable via GitHub Code Search on the public docs repo. This PR replaces the full values with the short-suffix convention already in use in the same file's Blast Radius table, preserving the audit trail without the public-search surface. Side note: caught by Molecule-AI/molecule-core#2109's secret-scan workflow on PR #96 (the org-wide rollout that reused this same regex set caught its own first real find before the rollout PR even merged). The full values remain in molecule-core git history per F1088's explicit closure decision (no BFG scrub required); this PR doesn't change that. Co-Authored-By: Claude Opus 4.7 (1M context) --- content/docs/incidents/INCIDENT_LOG.md | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/content/docs/incidents/INCIDENT_LOG.md b/content/docs/incidents/INCIDENT_LOG.md index d32d44e..9ef0cd9 100644 --- a/content/docs/incidents/INCIDENT_LOG.md +++ b/content/docs/incidents/INCIDENT_LOG.md 
@@ -88,7 +88,7 @@ Commit `d513a0ced549ef2be8903a7b4794256110ba1805` on staging (merged to main via |---|------------|-------|--------| | 1 | ANTHROPIC_AUTH_TOKEN | `sk-cp-lHt-QFSyZwZxeo...KVw` | ⚠️ Revoked or inactive (404 on API call) | | 2 | GITHUB_TOKEN | `github_pat_11BPRRWQI0m...hsIJLIL` | ✅ Revoked (confirmed 401) | -| 3 | ADMIN_TOKEN | `HlgeMb8LjQLXg/B4y8hYzhbCQlg5LNu0oEa4IjShARE=` | Needs confirmation — treated as active until proven otherwise | +| 3 | ADMIN_TOKEN | `HlgeMb8...ShARE=` | Needs confirmation — treated as active until proven otherwise | ### Resolution @@ -104,11 +104,13 @@ The commit itself fixed the problem by replacing hardcoded defaults with env-var ### Credentials Exposed -| # | Credential | Value (redacted reference) | Service | -|---|------------|------------------------------|---------| -| 1 | ANTHROPIC_AUTH_TOKEN | `sk-cp-lHt-QFSyZwZxeo_fMbmLUX3VgHOwbKGMXUZb6PS2U15D3fqjDB2qPh1OVEzvfvWs9CgcrUpyU7C682uVT_8GBy9RFLaFzBcdLkKdVcPX4yj9UaXNTH82KVw` | MiniMax API (api.minimax.io/anthropic) | -| 2 | GITHUB_TOKEN | `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` | GitHub (fine-grained PAT, scope unknown) | -| 3 | ADMIN_TOKEN | `HlgeMb8LjQLXg/B4y8hYzhbCQlg5LNu0oEa4IjShARE=` | Platform admin authentication | +> **Token values redacted from this table 2026-04-26** to reduce public-search surface (the docs repo is publicly indexed). Short-suffix references match the convention in the Blast Radius table below (lines 134-137). Full values remain in `molecule-core` git history per the F1088 closure decision (no BFG scrub). + +| # | Credential | Value (short suffix) | Service | +|---|------------|----------------------|---------| +| 1 | ANTHROPIC_AUTH_TOKEN | `sk-cp-...KVw` | MiniMax API (api.minimax.io/anthropic) | +| 2 | GITHUB_TOKEN | `github_pat_...hsIJLIL` | GitHub (fine-grained PAT, scope unknown) | +| 3 | ADMIN_TOKEN | `HlgeMb8...ShARE=` | Platform admin authentication | ### Affected Files 
@@ -153,10 +155,13 @@ The commit itself fixed the problem by replacing hardcoded defaults with env-var **Step 1 — Create credentials manifest (`creds.txt`) [NOT NEEDED]:** ``` -HlgeMb8LjQLXg/B4y8hYzhbCQlg5LNu0oEa4IjShARE= -sk-cp-lHt-QFSyZwZxeo_fMbmLUX3VgHOwbKGMXUZb6PS2U15D3fqjDB2qPh1OVEzvfvWs9CgcrUpyU7C682uVT_8GBy9RFLaFzBcdLkKdVcPX4yj9UaXNTH82KVw -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 + + + ``` +Full token values redacted from this doc 2026-04-26 (see note in the +Credentials Exposed table above). Pull from the Core-Security incident +ticket if a future revival of this BFG procedure is needed. **Step 2 — Clean origin/main:** ```bash From 543906e4e59a794df7800c7948861658225cc218 Mon Sep 17 00:00:00 2001 From: rabbitblood Date: Sun, 26 Apr 2026 21:11:33 -0700 Subject: [PATCH 3/3] ci: empty commit to refresh secret-scan log retention
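Review bot: `uses: Molecule-AI/molecule-core/.github/workflows/secret-scan.yml@staging` in the new `.github/workflows/secret-scan.yml` (patch 1/3) is a branch reference, not a pin, despite the header comment saying "Pinned to @staging". Whatever is on `staging` in molecule-core at run time executes in this repo's CI, and the same commit message describes hosted agents committing to that repo (the #2090-class leak), so a bad or compromised upstream commit changes this check silently; "Updates ride along automatically" is exactly the property a security control should not have. Pin to a full commit SHA and keep the branch as a trailing comment, e.g. `uses: Molecule-AI/molecule-core/.github/workflows/secret-scan.yml@<sha> # staging` (`<sha>` is a placeholder, not a specific commit), and let the usual dependency-update tooling raise the bump PRs; a SHA also records which regex set was in force when a given scan ran. Separately, the job carries no `permissions:` block, so the called workflow inherits the caller's default `GITHUB_TOKEN` permissions; for a scan that only needs to read the tree, `permissions: contents: read` at the top level or on the `secret-scan` job keeps that token read-only.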
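Review bot: row 3 of the table at `@@ -88` in `INCIDENT_LOG.md` (patch 2/3) still reads "treated as active until proven otherwise" after this hunk, and shortening its value to `HlgeMb8...ShARE=` does nothing for an active admin credential: the full string stays in this repo's history (the `-` line of this hunk, in the old blob `d32d44e`) and, per the commit message, in molecule-core's. Rotation of ADMIN_TOKEN should land before or alongside this PR and the status cell be updated; otherwise the PR reads as closing an exposure it does not close. Also, rows 1 and 2 keep longer prefixes (`sk-cp-lHt-QFSyZwZxeo...KVw`, `github_pat_11BPRRWQI0m...hsIJLIL`) than the short-suffix form this patch adopts for row 3 and for the Credentials Exposed table; trim them the same way so the file uses one convention.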
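Review bot: the blockquote added in the `@@ -104` hunk hard-codes "lines 134-137" for the Blast Radius table, and line references inside a Markdown incident log go stale on the next edit (this same patch already shifts the following hunk's header from `-153` to `+155`). Refer to the section by name ("the Blast Radius table below") or a heading anchor instead. The same blockquote says the full values "remain in `molecule-core` git history", which is true but incomplete: the three `-` lines this hunk deletes are also in this docs repo's history, and the commit message's concern (search on the public docs repo) is about this repo, so the note should say both repos hold them so nobody later assumes the F1088 no-scrub decision only concerns molecule-core.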
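Review bot: the `creds.txt` fence in the `@@ -153` hunk is left with three empty lines where the values were, which reads as an extraction error rather than a deliberate redaction. A single placeholder line inside the fence (for example `# values redacted 2026-04-26, see Credentials Exposed note above`) makes the intent clear on its own, and the paragraph added below the fence already covers where to retrieve them.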
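Review bot: patch 3/3 is an empty commit whose subject says it exists "to refresh secret-scan log retention", i.e. the scan is being re-triggered through the `push: branches: [main, staging]` event added in patch 1/3. The `on:` block in that workflow has no `workflow_dispatch:` trigger; adding one lets the scan be re-run from the Actions tab or with `gh workflow run` without putting empty commits into history. Note also that a new run creates a new log with its own retention window rather than extending an older run's, and the retention period itself is a repository or organization setting, not something a commit changes.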