[iamdan]

The key is passed along in the refactor POST request body to OpenAI's chat endpoint (https://github.com/daniel-black/refactory/blob/5289bf54842d1...) and is not stored anywhere else so yes it should be safe.