
E1309. Secret value leak in payload

Severity: ERROR. Class: SecretValueLeakInPayload (subclass of RuntimeError).

What happened

An audit row or telemetry event for a Secrets:* action carried a field whose shape matches a credential value. The SDK rejected the payload pre-send; the backend's CHECK constraint would have rejected it anyway.

Why it matters

Three-layer redaction guarantees secret values NEVER reach disk / network / telemetry. This error fires when the guarantee is challenged.

How to fix

Find the leak source. The most likely cause is a custom audit hook or telemetry middleware that did not redact its fields. Audit your code with controlzero doctor --redaction. The SDK ships with a value-shape regex covering sk-*, xoxb-*, AKIA*, ghp_*, and similar patterns.
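One way a custom audit hook or telemetry middleware could locate and mask secret-shaped fields before handing an event on, as an added example that is not the SDK's code. The regex only approximates the prefixes listed above and is an assumption, not the SDK's value-shape regex; find_leaks, redact and SAMPLE_EVENT are hypothetical names.

```python
import re

# Assumed approximations of the prefixes the page lists (sk-*, xoxb-*, AKIA*, ghp_*).
# This is NOT the SDK's own value-shape regex.
SECRET_SHAPE = re.compile(
    r"sk-[A-Za-z0-9_-]{16,}"
    r"|xoxb-[A-Za-z0-9-]{10,}"
    r"|AKIA[0-9A-Z]{16}"
    r"|ghp_[A-Za-z0-9]{36}"
)
MASK = "[REDACTED]"


def find_leaks(value, path="$"):
    """Return the paths of every string (key or value) that holds a secret-shaped token."""
    if isinstance(value, (bytes, bytearray)):
        value = bytes(value).decode("utf-8", "replace")
    if isinstance(value, str):
        return [path] if SECRET_SHAPE.search(value) else []
    hits = []
    if isinstance(value, dict):
        for key, item in value.items():
            hits += find_leaks(key, f"{path}.<key>") if isinstance(key, str) else []
            hits += find_leaks(item, f"{path}.{key}")
    elif isinstance(value, (list, tuple)):
        for index, item in enumerate(value):
            hits += find_leaks(item, f"{path}[{index}]")
    return hits


def redact(value):
    """Return a copy of value with secret-shaped substrings masked, recursing into containers."""
    if isinstance(value, (bytes, bytearray)):
        value = bytes(value).decode("utf-8", "replace")
    if isinstance(value, str):
        return SECRET_SHAPE.sub(MASK, value)
    if isinstance(value, dict):
        return {(redact(k) if isinstance(k, str) else k): redact(v) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [redact(item) for item in value]
    return value


# Constructed sample event; the token strings are synthetic fillers, not real credentials.
SAMPLE_EVENT = {
    "action": "Secrets:Read",
    "detail": {"note": "rotated key " + "AKIA" + "X" * 16, "tags": ["ok", "ghp_" + "x" * 36]},
    "error": "upstream rejected Bearer " + "sk-" + "a" * 24,
}
```

find_leaks reports where the value sits (nested fields, list items, free-text error strings), which is usually the fastest route to the hook that produced it.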

Catching this error

An except RuntimeError clause catches this error. It indicates a programmer error.

See also