Skip to content

⚠️ Security: Mistral API key exposed in .env file #7

Open
Open
⚠️ Security: Mistral API key exposed in .env file#7
@hhhashexe

Description

@hhhashexe
hhhashexe
opened on Mar 8, 2026

Security Disclosure

Hello,

During routine security scanning of public repositories, we identified an active Mistral API key committed to your repository.

Affected file: .env
Commit: 4987ac26

Risk

Anyone with access to this public repository can use your Mistral API key, potentially incurring charges on your account or accessing your data.

Recommended Actions

  1. Immediately revoke the exposed key at https://console.mistral.ai/api-keys
  2. Generate a new key and store it securely (never commit .env to git)
  3. Add .env to .gitignore to prevent future leaks
  4. Check your Mistral usage logs for any unauthorized activity

Prevention

echo ".env" >> .gitignore

This is an automated ethical disclosure. No data was accessed or stored beyond key detection.

— Hash Security Scanner

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions