Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Coding agents and secret exposure: what IAM teams need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Coding agents such as Copilot, Codex, and Cursor can expose API keys, database credentials, and tokens when secrets are pasted into chat, stored in files, or left in shell history, according to Delinea. It proposes MCP plus Secret Server to keep secrets in memory and auditable, as the deeper issue is that developer workflows are now secret-bearing runtime environments, so traditional paste-once or .env handling no longer matches the risk.

NHIMG editorial — based on content published by Delinea: Keep your API keys out of the chat: A practical guide to secret-safe coding agents

Questions worth separating out

Q: How should security teams handle secrets in coding-agent workflows?

A: Security teams should treat coding-agent workflows as privileged secret paths.

Q: Why do coding agents increase the risk of secret leakage?

A: Coding agents expand the places where a secret can be exposed, including chat logs, local files, terminal history, and provider retention.

Q: What breaks when secrets are handled through files or chat with agents?

A: What breaks is the assumption that a secret only exists in one controlled place at one controlled time.

Practitioner guidance

  • Define secret-safe coding-agent workflows Classify every agent-assisted task that touches credentials, then require runtime retrieval instead of pasting secrets into chat, files, or shell commands.
  • Broker secrets through an approved identity path Use an authenticated bridge such as MCP only when the request can be tied to an existing identity, a short-lived session, and a recorded approval decision.
  • Eliminate durable secret traces Block workflows that write secrets to disk, shell history, or shared logs, and verify that cleanup happens immediately after the task completes.

What's in the full article

Delinea's full blog post covers the operational detail this post intentionally leaves for the source:

  • The concrete MCP request flow used to fetch secrets without storing plaintext in the agent.
  • The step-by-step command pattern for runtime secret retrieval and memory cleanup.
  • The bonus controls around audit trails, automatic rotation, and AI-driven just-in-time approvals.
  • The implementation framing for developers who need a practical workflow rather than a policy overview.

👉 Read Delinea's guide to secret-safe coding agents and MCP-based secret handling →

Coding agents and secret exposure: what IAM teams need to know?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Secret exposure debt is the right concept for coding-agent workflows: once a credential is pasted, cached, or written to disk, the organisation inherits an exposure liability that outlives the developer session. That liability is broader than a simple secrets-management miss because the agent can propagate the secret into multiple traces at once. The implication is that governance has to measure where secrets can surface, not just where they are stored.

A few things that frame the scale:

  • The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
  • Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap.

A question worth separating out:

Q: Who should own secret governance for coding agents?

A: Ownership should sit with identity, PAM, and platform security teams together, because the problem spans authorization, session control, and auditability. Developer teams can use the workflow, but they should not define the trust boundary. The governing question is whether access is short-lived, traceable, and revoked as soon as the task ends.

👉 Read our full editorial: Keep API keys out of chat: secret-safe coding agents



   
ReplyQuote
Share: