Lesson 1774 of 2116
AI Tools: Keep Secrets Out of Prompts, Logs, and Vendor Telemetry
Configure your AI tools so they never read .env files, never log API keys, and never send credentials to a vendor's training-data path.
Lesson map
What this lesson covers
Learning path
The main moves in order
- 1The premise
- 2ignore list
- 3telemetry opt-out
- 4key rotation
Concept cluster
Terms to connect while reading
Section 1
The premise
AI tools are vacuum cleaners for context; without explicit settings they will read .env, paste secrets into prompts, and log them where you cannot redact.
What AI does well here
- Add .env and credential paths to ignore lists
- Disable telemetry where the policy requires
- Use vendor-side keys-do-not-train settings
- Rotate any key that has ever been pasted into a prompt
What AI cannot do
- Delete data already sent to a vendor
- Replace secret-scanning tools
- Make any vendor's policy contractually binding for you
Key terms in this lesson
End-of-lesson quiz
Check what stuck
15 questions · Score saves to your progress.
Tutor
Curious about “AI Tools: Keep Secrets Out of Prompts, Logs, and Vendor Telemetry”?
Ask anything about this lesson. I’ll answer using just what you’re reading — short, friendly, grounded.
Progress saved locally in this browser. Sign in to sync across devices.
Related lessons
Keep going
Creators · 45 min
Structured Outputs: Make the Model Return Data You Can Trust
For production apps, pretty prose is often the wrong output. Learn when to use structured outputs, function calling, and schema validation.
Creators · 9 min
Pro Search vs Default: When To Spend The Compute
Pro Search runs more queries, reads more pages, and routes to a stronger model. It is not always worth the wait — knowing when it is is the skill.
Creators · 10 min
Perplexity API: Building RAG Without Owning The Pipeline
The Perplexity API gives you cited search answers with one call. It is the cheapest way to add grounded retrieval to a product — and the limits are worth understanding.