First, accept the one rule that matters
Treat the key as compromised. Not "maybe compromised" — compromised. The moment your message was sent, it left your machine and landed on infrastructure you don't control. It may be retained in logs, backups, or your chat history for a long time, and you have no reliable way to reach into those systems and remove it.
Deleting the conversation makes it disappear from your screen. It does not guarantee removal from the provider's systems. So the fix is never "delete the chat" — the fix is always "make the key worthless."
Step 1: Revoke or rotate the key — now
Do this before anything else. Here's where the revoke button lives for the most commonly leaked credentials:
- AWS access keys (`AKIA...`) — In the IAM console, open the user, go to Security credentials, and deactivate the exposed key. Create a new one, update your apps, then delete the old key. Deactivating first lets you roll back if something breaks.
- GitHub tokens (`ghp_...`, `github_pat_...`) — Settings → Developer settings → Personal access tokens → delete the token. Generate a new one with the minimum scopes you actually need.
- Stripe keys (`sk_live_...`) — In the Stripe Dashboard, go to Developers → API keys and roll the key. Stripe lets you set a grace period so your integration doesn't go down mid-rotation.
- OpenAI / Anthropic / other AI provider keys (`sk-...`, `sk-ant-...`) — Revoke the key in the provider's dashboard under API keys, then create a fresh one.
- Google Cloud API keys — In the Cloud Console, APIs & Services → Credentials. Delete or regenerate the key, and while you're there, add application restrictions so the next leak matters less.
- Database URLs (`postgres://user:pass@host...`) — The password in that connection string is the secret. Change the database user's password and update every service that connects with it.
- Slack, Discord, Telegram bot tokens — Regenerate the token from the app/bot settings page. The old token dies instantly.
If the key belongs to your employer, tell your team while you rotate, not after. Every security team on earth prefers "I leaked a key and already rotated it" over finding out from an audit.
Step 2: Check whether the key was actually used
Rotation stops future damage. Now confirm nothing happened in the window the key was live:
- AWS — Check CloudTrail for API calls made with the exposed key ID, and glance at Billing for unfamiliar spend (crypto-mining via stolen AWS keys is a classic).
- GitHub — Review your account's security log and recent commits/repo access. A stolen token with `repo` scope can clone everything you have.
- Stripe — Scan the Dashboard logs for API requests you don't recognize, especially payout or customer-data reads.
- AI provider keys — Check the usage page for spikes. Stolen LLM keys get resold and burned through fast, so misuse tends to be loud and quick.
Set up a billing alert while you're in there if you don't have one. It's the smoke detector for the next incident.
Step 3: Find out how the key got into your clipboard
The paste is a symptom. The cause is usually one of these:
- Secrets living in files you routinely copy from — `.env` files, config files, shell history, log output.
- Debugging sessions where you paste raw logs or full config files into an AI chat because it's faster than trimming them.
- Hardcoded secrets in source code, which then travel everywhere the code travels.
You don't have to fix your entire workflow today. But knowing which habit produced the leak tells you which guardrail to add.
Step 4: Add a guardrail so this doesn't repeat
- Use a secrets manager (AWS Secrets Manager, 1Password, Doppler, Vault) instead of long-lived keys in plain-text files where possible.
- Prefer short-lived credentials — temporary AWS STS tokens, fine-grained GitHub PATs with expiry dates, restricted API keys. A leaked key that expires in an hour is a very different incident.
- Mask before you paste. This is exactly why Secret Sanitizer exists: it scans everything you paste into ChatGPT, Claude, Gemini, or Grok against 70+ secret patterns and replaces matches with placeholders like `[AWS_KEY_0]` — locally, before the text ever reaches the page. The AI still gets working context; your key never leaves your machine.
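To make the masking step concrete, here is an added example (not Secret Sanitizer's code; the patterns are constructed approximations of the credential prefixes listed above, not a real rule set) that replaces each detected secret with an indexed placeholder and keeps the reverse map on the local machine:

```python
import re

# Constructed, illustrative patterns for the credential shapes named in the post,
# not Secret Sanitizer's real rule set. A named "secret" group marks the fragment
# to mask when the whole match is not the secret (a connection-string password).
SECRET_PATTERNS = {
    "AWS_KEY": r"\bAKIA[0-9A-Z]{16}\b",
    "GITHUB_TOKEN": r"\b(?:ghp_[A-Za-z0-9]{36}|github_pat_[A-Za-z0-9_]{22,})\b",
    "STRIPE_KEY": r"\bsk_live_[A-Za-z0-9]{24,}\b",
    "ANTHROPIC_KEY": r"\bsk-ant-[A-Za-z0-9_-]{20,}",
    "OPENAI_KEY": r"\bsk-(?!ant-)[A-Za-z0-9]{20,}\b",
    "DB_PASSWORD": r"://[^:/@\s]+:(?P<secret>[^@\s]+)@",
}


def mask_secrets(text):
    """Replace each detected secret with an indexed placeholder such as [AWS_KEY_0].
    Returns (masked_text, placeholders); the map back to real values stays local.
    """
    placeholders, seen, counters = {}, {}, {}
    for kind, pattern in SECRET_PATTERNS.items():
        def repl(m, kind=kind):
            group = "secret" if "secret" in m.groupdict() else 0
            secret = m.group(group)
            if secret not in seen:  # a key pasted twice gets the same label
                counters[kind] = counters.get(kind, 0) + 1
                seen[secret] = f"[{kind}_{counters[kind] - 1}]"
                placeholders[seen[secret]] = secret
            start, end = m.span(group)  # keep surrounding context untouched
            whole = m.group(0)
            return whole[: start - m.start()] + seen[secret] + whole[end - m.start():]
        text = re.sub(pattern, repl, text)
    return text, placeholders


def unmask(text, placeholders):
    """Restore the real values in a reply that echoes the placeholders (local only)."""
    for placeholder, secret in placeholders.items():
        text = text.replace(placeholder, secret)
    return text


# Constructed sample paste with fake values of the right shape.
SAMPLE_PASTE = """AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
DATABASE_URL=postgres://app:hunter2-not-real@db.internal:5432/app
GITHUB_TOKEN=ghp_abcdefghijklmnopqrstuvwxyz0123456789
403 from api.stripe.com using sk_live_0123456789abcdefghijklmnop
"""
```

Running `mask_secrets(SAMPLE_PASTE)` leaves the connection string's user and host readable while the password, the AWS key, the GitHub token and the Stripe key become placeholders; `unmask` reverses it on the model's reply without the values ever having been sent.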
The 5-minute checklist
- Revoke or rotate the exposed key. Do not just delete the chat.
- Update every app or service that used the old key.
- Check usage logs and billing for the exposure window.
- If it's a work key, tell your team immediately.
- Add one guardrail: shorter-lived keys, a secrets manager, or automatic masking on paste.
The leak itself is common — nearly every developer who uses AI chats daily has done it or come close. What separates a non-event from an incident is how fast you make the key worthless.