Coding agents and secret exposure: what IAM teams need to know


(@nhi-mgmt-group)

TL;DR: Coding agents such as Copilot, Codex, and Cursor can expose API keys, database credentials, and tokens when secrets are pasted into chat, stored in files, or left in shell history, according to Delinea. Delinea proposes MCP plus Secret Server to keep secrets in memory and auditable. The deeper issue is that developer workflows are now secret-bearing runtime environments, so traditional paste-once or .env handling no longer matches the risk.

NHIMG editorial — based on content published by Delinea: Keep your API keys out of the chat: A practical guide to secret-safe coding agents

Questions worth separating out

Q: How should security teams handle secrets in coding-agent workflows?

A: Security teams should treat coding-agent workflows as privileged secret paths.

Q: Why do coding agents increase the risk of secret leakage?

A: Coding agents expand the places where a secret can be exposed, including chat logs, local files, terminal history, and provider retention.

Q: What breaks when secrets are handled through files or chat with agents?

A: What breaks is the assumption that a secret only exists in one controlled place at one controlled time.

Practitioner guidance

  • Define secret-safe coding-agent workflows: Classify every agent-assisted task that touches credentials, then require runtime retrieval instead of pasting secrets into chat, files, or shell commands.
  • Broker secrets through an approved identity path: Use an authenticated bridge such as MCP only when the request can be tied to an existing identity, a short-lived session, and a recorded approval decision.
  • Eliminate durable secret traces: Block workflows that write secrets to disk, shell history, or shared logs, and verify that cleanup happens immediately after the task completes.

What's in the full article

Delinea's full blog post covers the operational detail this post intentionally leaves for the source:

  • The concrete MCP request flow used to fetch secrets without storing plaintext in the agent.
  • The step-by-step command pattern for runtime secret retrieval and memory cleanup.
  • The bonus controls around audit trails, automatic rotation, and AI-driven just-in-time approvals.
  • The implementation framing for developers who need a practical workflow rather than a policy overview.

👉 Read Delinea's guide to secret-safe coding agents and MCP-based secret handling →
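
An added example, not part of the original post or Delinea's guide: a small Python check for the durable traces the practitioner guidance says to eliminate, run over constructed shell-history and .env samples. The rules, the `fetch-secret` command name, and every sample value are assumptions made for illustration; lines that resolve a value at runtime (`$(...)`, `${VAR}`) are deliberately not flagged.

```python
import re
from pathlib import Path

# Illustrative rules (assumptions of this example, not a vendor rule set).
RULES = [
    ("aws_access_key_id", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
    ("bearer_header", re.compile(r"(?i)authorization:\s*bearer\s+([\w.~+/-]{20,})")),
    ("url_password", re.compile(r"[a-z][a-z0-9+.-]*://[^\s:/@]+:([^\s@/]{4,})@")),
    ("assigned_secret", re.compile(
        r"(?i)\b\w*(?:secret|token|passw(?:or)?d|api_?key)\w*\s*=\s*['\"]?([^\s'\"]{8,})")),
]

def redact(value):
    """Report enough to locate the secret without copying it into another log."""
    return f"{value[:4]}...[{len(value)} chars]"

def scan_text(source, text):
    """Return (source, line_no, rule, redacted_value) for each literal secret."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES:
            match = pattern.search(line)
            # Values resolved at runtime ($VAR, $(cmd)) leave only a reference behind.
            if match and not match.group(1).startswith("$"):
                findings.append((source, line_no, rule, redact(match.group(1))))
                break  # one finding per line is enough to flag it
    return findings

def scan_paths(paths):
    """Scan the files that exist; missing paths are skipped."""
    findings = []
    for path in map(Path, paths):
        if path.is_file():
            findings += scan_text(str(path), path.read_text(errors="replace"))
    return findings

# Constructed sample data: fake values shaped like a shell history and a .env file.
# `fetch-secret` is a hypothetical runtime-retrieval command.
SAMPLE_HISTORY = """\
git status
export API_KEY=sk_test_CONSTRUCTED_0123456789
curl -H "Authorization: Bearer abcdefghijklmnopqrstuvwx" https://api.example.test/v1
export DB_PASSWORD="$(fetch-secret db/prod)"
psql postgres://app:hunter2pw@db.example.test/app
"""
SAMPLE_ENV = "DEBUG=true\nAWS_ACCESS_KEY_ID=AKIAABCDEFGHIJKLMNOP\nSESSION_TOKEN=${SESSION_TOKEN}\n"

if __name__ == "__main__":
    for finding in scan_text("history", SAMPLE_HISTORY) + scan_text(".env", SAMPLE_ENV):
        print(finding)
```

Point `scan_paths` at the history files and working directories used during agent sessions to verify that cleanup happened after a task.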
