Scanning & Redaction
The security pipeline is context-aware and runs in two passes:
- Scan the trace record field-by-field using the field type to decide whether entropy analysis is enabled.
- Scan the final serialized JSONL bytes to catch anything introduced during enrichment or serialization.
What Gets Scanned
| Field | Context | Notes |
|---|---|---|
system_prompts | General | Full scan |
task.description | General | Full scan |
steps[].content | General | Full scan |
steps[].reasoning_content | Reasoning | Regex only, no entropy |
steps[].tool_calls[].input | Tool input | Full scan for input-like tools, regex-only for result-like tools |
steps[].observations[].content | Tool result | Regex only, no entropy |
steps[].observations[].output_summary | Tool result | Regex only, no entropy |
steps[].observations[].error | Tool result | Regex only, no entropy |
steps[].snippets[].text | General | Full scan |
outcome.patch | General | Full scan |
environment.vcs.diff | General | Full scan, truncated before storage when the repo diff is very large |
The scanner also applies a second pass over the serialized JSONL output so redaction does not depend on field shape alone.
What Gets Redacted
Detected secrets and path fragments are replaced with [REDACTED] or hashed path segments, depending on the detector:
Before: export OPENAI_API_KEY=sk-abc123...
After: export OPENAI_API_KEY=[REDACTED]
Before: /Users/jay/src/project/...
After: /Users/[REDACTED]/src/project/...
The staged JSONL is rewritten in place. Raw Claude Code session files on disk are not modified.
Note: Detected secrets can also be replaced with named placeholders such as
[API_KEY_1],[EMAIL_2],[PERSON_3]when the EntityMap is in use.USER_PATHentities normalize paths in place (for example replacing only the username segment). See Security Tiers for the full tier model and the optional Tier 1.5 / 1.8 / 2 layers.
Heuristic Classifier
A heuristic classifier runs on top of scanning and redaction. It flags:
- internal hostnames
- AWS account IDs in ARNs
- database connection strings
- internal collaboration URLs
- dense UUID / hash sequences
- deep file paths that may reveal internal structure
Custom Redaction
opentraces config set custom_redact_strings INTERNAL_API_KEY --append
opentraces config set custom_redact_strings corp-secret-prefix- --append
Custom redaction strings are treated as literal matches wherever they appear in trace content. --append adds to the existing list instead of replacing it.