Summary
happy --claude-env KEY=VAL arguments are echoed verbatim into session logs at
~/.happy/logs/<timestamp>-pid-*.log, including API tokens. Any token passed via
--claude-env ANTHROPIC_AUTH_TOKEN=... ends up in plaintext on disk indefinitely.
Reproduce
happy --yolo --claude-env ANTHROPIC_AUTH_TOKEN=secret-test-token-12345 ...
grep secret-test-token-12345 ~/.happy/logs/*.log
# → matches the startup log
Affected
- happy CLI 1.1.8 (latest at time of report)
- Any wrapper that injects secrets via
--claude-env *_TOKEN=… or --claude-env *_KEY=…
(typical pattern for custom-endpoint setups: third-party gateways, internal
Anthropic-compatible proxies, etc.)
Suggested fix
Mask values for arg keys matching (?i)(token|key|secret|password|auth) in the
startup-args log line (and any other place where raw argv is serialized). The
arg name can stay; only the =<value> part needs to be redacted.
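The masking described in the suggested fix, as an added example (not code from the happy CLI or from the report). The key pattern is the one proposed above; redactArgv, startupLogLine and the joined --claude-env=KEY=VALUE form are assumptions made for illustration, and the sample argv is constructed.

```javascript
// Added example, not happy's code. Key pattern taken from the report's suggested fix.
const SENSITIVE_KEY = /(token|key|secret|password|auth)/i;
const MASK = "[REDACTED]";

// Redact one argv element. Handles "KEY=VALUE" (the element that follows
// --claude-env) and, as an assumption, the joined form "--flag=KEY=VALUE".
function redactArg(arg) {
  const eq = arg.indexOf("=");
  if (eq <= 0) return arg; // bare flag or positional: nothing to mask
  const name = arg.slice(0, eq);
  const rest = arg.slice(eq + 1);
  // Keep the arg name, drop everything after the first "=".
  if (SENSITIVE_KEY.test(name)) return `${name}=${MASK}`;
  // Harmless flag name: inspect the nested KEY=VALUE it carries.
  if (name.startsWith("-")) return `${name}=${redactArg(rest)}`;
  return arg;
}

// Returns a redacted copy for serialization. The original array is left
// untouched, so the child process still receives the real values.
function redactArgv(argv) {
  return argv.map(redactArg);
}

// Hypothetical log formatter: every place that serializes raw argv
// should go through redactArgv first.
function startupLogLine(argv) {
  return `startup args: ${JSON.stringify(redactArgv(argv))}`;
}

// Constructed sample input mirroring the reproduce step in the report.
const sampleArgv = [
  "--yolo",
  "--claude-env", "ANTHROPIC_AUTH_TOKEN=secret-test-token-12345",
  "--claude-env=GATEWAY_API_KEY=abc=def",
  "--claude-env", "ANTHROPIC_BASE_URL=https://gateway.example/v1",
];
console.log(startupLogLine(sampleArgv));
```

Because the pattern is a substring match, it also masks harmless names such as AUTHOR=...; for a log line, over-redaction is the safer failure.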