| Spot on about the 2am 401 error being where security dies. The "lazy-paste" is universal. But here's what I'm finding: regex on outbound requests isn't enough anymore because the model has already been "pre-poisoned" by years of people NOT sanitizing. Example from our testing: Vector SL-013 didn't just leak "EPHEMERAL_KEY" - it leaked architectural details:
- The `ek_` prefix pattern
- That keys are "ephemeral" (short-lived session tokens)
- The Realtime API context (where they're used)
- Implicit TTL expectations A regex catches `sk-proj-...` going OUT. But it doesn't catch the model describing how keys work based on what it learned from training data. To your question: Yes, this is widespread. I'm seeing it across:
- GPT-4 (documented APIs leak most)
- Claude (similar patterns with Anthropic's features)
- Gemini (Google Cloud API internals)
- Open models trained on GitHub (leak common patterns) The pattern: The more a company documents a feature (to help developers), the more the model can leak about it when prompted. SafetyLayer isn't replacing sanitization - it's solving the "Day 2" problem: How do you audit what the model has already learned about your stack from previous leaks? Sanitization = prevention going forward
SafetyLayer = detection of what's already escaped I run 784 variants weekly because what leaks on Tuesday might not leak on Wednesday (non-deterministic), and what gets patched in GPT-4 might still work in Claude. The 75% intermittent leak rate we found means one-time regex + one-time audit both miss the probabilistic nature of these vulnerabilities. |