Security Audit is a beta feature. Detection coverage and UI are evolving — feedback is welcome.
The Credentials tab on the Security Audit page aggregates every credential or secret exposure Claw Lens has detected, grouped by credential type. Instead of hunting through individual events, you get a single table that shows which secret types have been seen, how many exposures of each are still active, and whether any appear to have been sent to an external service.
Inventory columns
| Column | Description |
|---|---|
| Credential type | The type of secret detected (e.g., “Anthropic API key”, “AWS access key”) |
| Active | Exposures that have not been dismissed — these still need review |
| Dismissed | Exposures you’ve already reviewed and marked as resolved |
| Sessions | Number of distinct sessions where this credential type appeared |
| Agents | Which agents were involved |
| Last seen | Timestamp of the most recent exposure |
| Status | See below |
Status values
Each row in the credential inventory shows one of three statuses:
Needs Rotation — There are active (non-dismissed) exposures of this credential type. The secret appeared in agent output, but no external network call was observed after it in the same session, so it has not been flagged as sent to an external service. Rotate the credential as a precaution, then dismiss the findings.
All Dismissed — All exposures of this type have been reviewed and dismissed.
Exfiltrated — The credential appeared in agent output and the agent made an external network call later in the same session. The status is inferred from that ordering of events, so it means the secret may have been sent to an external service, not that it was; treat the credential as compromised either way. Rotate it immediately, then investigate which external URLs the agent contacted. Do not rely on dismissal alone.
Detected credential patterns
Claw Lens scans all tool outputs against the following patterns. Any match creates a finding and contributes to the credential inventory. The patterns key on prefix and shape (rows ending in ... show only the prefix the scanner looks for), so placeholder and test values with the same shape match too; that is what the test-context dismissal reason below is for.
API keys and tokens
| Type | Pattern / prefix | Label |
|---|---|---|
| Anthropic API key | sk-ant-[a-zA-Z0-9-]{20,} | Anthropic API key |
| OpenAI project key | sk-proj-[A-Za-z0-9-_]{32,} | OpenAI project key |
| GitHub PAT | ghp_[A-Za-z0-9]{36} | GitHub personal access token |
| GitHub OAuth token | gho_[A-Za-z0-9]{36} | GitHub OAuth token |
| GitHub fine-grained token | github_pat_[a-zA-Z0-9_]{22,} | GitHub fine-grained token |
| GitLab access token | glpat-[0-9a-zA-Z-_]{20} | GitLab access token |
| AWS access key ID | AKIA[0-9A-Z]{16} | AWS access key |
| AWS secret access key | AWS_SECRET_ACCESS_KEY = ... | AWS secret access key |
| PEM private key | -----BEGIN ... PRIVATE KEY----- | Private key (PEM) |
| Stripe secret key | sk_live_[a-zA-Z0-9]{24,} | Stripe secret key |
| SendGrid API key | SG.[0-9A-Za-z-_]{22}.[0-9A-Za-z-_]{43} | SendGrid API key |
| Square access token | sq0atp-[0-9A-Za-z-_]{22} | Square access token |
| Square OAuth secret | sq0csp-[0-9A-Za-z-_]{43} | Square OAuth secret |
| Slack bot token | xoxb-... | Slack bot token |
| Slack app token | xapp-... | Slack app token |
| Slack token | xox[pors]-... | Slack token |
| Google API key | AIza[0-9A-Za-z-_]{35} | Google API key |
| NPM access token | npm_[a-zA-Z0-9]{36} | NPM access token |
| PyPI upload token | pypi-AgEIcHlwaS5vcmc... | PyPI upload token |
| Shopify access token | shpat_[a-fA-F0-9]{32} | Shopify access token |
| Shopify shared secret | shpss_[a-fA-F0-9]{32} | Shopify shared secret |
| Twilio API key | SK[0-9a-fA-F]{32} | Twilio API key |
| Discord bot token | [MN][A-Za-z0-9]{23,25}.[A-Za-z0-9]{6}.[A-Za-z0-9_-]{27,} | Discord bot token |
| Telegram bot token | [0-9]{8,10}:[0-9A-Za-z_-]{35} | Telegram bot token |
| Facebook access token | EAACEdEose0cBA... | Facebook access token |
| Azure storage key | DefaultEndpointsProtocol=https;AccountName=... | Azure storage key |
| Discord webhook URL | https://discord.com/api/webhooks/... | Discord webhook URL |
Tokens and secrets
| Type | Pattern | Label |
|---|---|---|
| JWT token | eyJ...eyJ... (three-part base64url) | JWT token |
| Database URI | mysql://user:pass@host / postgres://user:pass@host | Database URI with password |
| Password / secret value | password = "...", api_key = "...", secret = "..." | Password / secret value |
| Generic secret | secret = "...", auth_token = "...", apikey = "..." | Generic secret/token |
PII
| Type | Pattern | Label |
|---|---|---|
| Credit card number | 16-digit card number with optional separators | Credit card number |
| Chinese phone number | 1[3-9]\d{9} | Chinese phone number |
| Chinese ID card number | 18-digit national ID | Chinese ID card number |
Blockchain
| Type | Pattern | Label |
|---|---|---|
| Ethereum address | 0x[a-fA-F0-9]{40} | Ethereum address |
| Bitcoin Bech32 address | bc1[a-zA-HJ-NP-Z0-9]{25,90} | Bitcoin Bech32 address |
| Blockchain private key | private_key = 0x[a-fA-F0-9]{64} | Blockchain private key |
| Bitcoin WIF private key | 5[HJK][1-9A-HJ-NP-Za-km-z]{49} | Bitcoin WIF private key |
| Mnemonic seed phrase | mnemonic = "word word word ..." (12–24 words) | Mnemonic seed phrase |
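As an added worked example (not Claw Lens code), here is a small Python re-implementation of the pipeline this page describes: a subset of the patterns above is run over constructed session events, matches are grouped into the inventory columns, and the status rules from the Status values section are applied, including the effect of dismissing a finding. The event schema (session, agent, ts, kind, text or url), the finding ids, the precedence that any active finding with a later external call makes the whole row Exfiltrated, and the sample events themselves are assumptions made for this example; the AWS key is the documented example key and the other values are padded placeholders.

```python
import re
from collections import defaultdict

# Subset of the detection patterns from the tables above. The keys are the
# "Label" values the inventory groups by. Example code, not the product's scanner.
PATTERNS = {
    "Anthropic API key": re.compile(r"sk-ant-[a-zA-Z0-9-]{20,}"),
    "GitHub personal access token": re.compile(r"ghp_[A-Za-z0-9]{36}"),
    "AWS access key": re.compile(r"AKIA[0-9A-Z]{16}"),
    "Stripe secret key": re.compile(r"sk_live_[a-zA-Z0-9]{24,}"),
    "Telegram bot token": re.compile(r"[0-9]{8,10}:[0-9A-Za-z_-]{35}"),
}

# Constructed sample session events. The schema (session, agent, ts, kind and
# text or url) is an assumption made for this example. The values are the
# documented AWS example key and padded placeholders, not real credentials.
EVENTS = [
    {"session": "s1", "agent": "deploy-bot", "ts": 10, "kind": "tool_output",
     "text": "aws_access_key_id = AKIAIOSFODNN7EXAMPLE"},
    {"session": "s1", "agent": "deploy-bot", "ts": 11, "kind": "network",
     "url": "https://paste.example.net/upload"},          # after the exposure
    {"session": "s2", "agent": "coder", "ts": 20, "kind": "tool_output",
     "text": "GITHUB_TOKEN=ghp_" + "A" * 36},
    {"session": "s3", "agent": "coder", "ts": 30, "kind": "network",
     "url": "https://pypi.org/simple/"},                  # before the exposure
    {"session": "s3", "agent": "coder", "ts": 31, "kind": "tool_output",
     "text": "AKIAIOSFODNN7EXAMPLE again; STRIPE_KEY=sk_live_" + "b" * 24},
]


def scan(events):
    """One finding per pattern match in a tool output, with the secret redacted."""
    findings = []
    for ev in events:
        if ev["kind"] != "tool_output":
            continue
        for label, rx in PATTERNS.items():
            for m in rx.finditer(ev["text"]):
                findings.append({
                    "id": f"f{len(findings)}",
                    "type": label,
                    "session": ev["session"],
                    "agent": ev["agent"],
                    "ts": ev["ts"],
                    # Store a prefix only: the inventory must not become
                    # another copy of the secret.
                    "preview": m.group(0)[:8] + "...",
                })
    return findings


def external_call_after(events, finding):
    """Exfiltrated rule from the page: a network call later in the same session."""
    return any(ev["kind"] == "network"
               and ev["session"] == finding["session"]
               and ev["ts"] > finding["ts"]
               for ev in events)


def status_for(findings_of_type, dismissed, events):
    """All Dismissed, else Exfiltrated if any active finding has a later
    external call, else Needs Rotation. The precedence is an assumption."""
    active = [f for f in findings_of_type if f["id"] not in dismissed]
    if not active:
        return "All Dismissed"
    if any(external_call_after(events, f) for f in active):
        return "Exfiltrated"
    return "Needs Rotation"


def build_inventory(events, dismissed=frozenset()):
    """Group findings by credential type into the inventory columns."""
    by_type = defaultdict(list)
    for f in scan(events):
        by_type[f["type"]].append(f)
    return {
        label: {
            "active": sum(f["id"] not in dismissed for f in fs),
            "dismissed": sum(f["id"] in dismissed for f in fs),
            "sessions": len({f["session"] for f in fs}),
            "agents": sorted({f["agent"] for f in fs}),
            "last_seen": max(f["ts"] for f in fs),
            "status": status_for(fs, dismissed, events),
        }
        for label, fs in by_type.items()
    }


if __name__ == "__main__":
    for label, row in build_inventory(EVENTS).items():
        print(f"{label:30} {row['status']:15} active={row['active']} "
              f"sessions={row['sessions']} agents={','.join(row['agents'])}")
```

Two details are worth carrying over to any tooling you build on top of the audit. The Exfiltrated rule only counts a network call that comes after the exposure in the same session: the pypi.org fetch in s3 precedes the Stripe key, so that row stays at Needs Rotation, while the AWS key in s1 is followed by an upload and the whole AWS row becomes Exfiltrated. And each finding keeps only a redacted prefix, so an exported inventory does not itself become a second place the secret lives.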
Dismissing findings
To mark a finding as reviewed, click Dismiss in the event detail panel on the Timeline tab, or use the dismiss action on an individual finding. Once dismissed:
- The finding moves from Active to Dismissed in the inventory
- The agent’s verdict may update if that was the last active finding of a given severity
- The finding remains in the audit log — it is not deleted
When to dismiss: after you’ve confirmed the exposure was expected, was in a test context, or has already been remediated.
When to rotate instead: if the status shows Needs Rotation or Exfiltrated, rotate the credential before dismissing. Dismissal is a record-keeping action, not a security control.
If the same credential type keeps appearing across sessions, check whether the agent has access to a file or environment variable it shouldn’t. Repeated exposure of the same secret type often points to a configuration issue rather than a one-off leak.