Skip to main content

E2001. Credential leak detected in tool output

Severity: ERROR. Class: CredentialLeakBlocked (subclass of RuntimeError).

What happened

The credential leak handler scanned an agent tool output (stdout, stderr, file-read body, or grep match) and found one or more high-confidence credential matches. The configured action was block, so the SDK raised CredentialLeakBlocked rather than letting the credential reach the agent's prompt or downstream log.

The audit rows are written before the exception is raised, so the operator dashboard always sees the detection event.

How to fix

Rotate the leaked credential immediately, then either allowlist the pattern_id for this org (if the match is a known false positive) or set the per-org override to redact so future matches mask the value in-place rather than aborting the call.

See also