Agent Secret Sprawl Audit

We know where all of our production secrets live.

Every API key, database URL, and shared login has a known home, not a vague "somewhere in the repo or a doc".

No production secret lives only on one person's laptop.

Losing a single machine, or a single founder being offline, would not lock the team out of production.

No production secret has been shared through chat or docs we could not wipe.

Slack, Discord, Notion, email, and issue threads keep history; a key pasted there stays readable long after the message felt ephemeral.

Coding agents cannot read every local .env file by default.

Agents with filesystem access read .env files happily; broad local credentials become part of any prompt-injection blast radius.

Each agent only receives the credentials it actually needs.

An agent doing frontend work has no reason to hold your Stripe secret key or production database URL.

We can revoke one agent or person without rotating everything.

If access is per-principal, offboarding a contractor or retiring an agent is a revoke, not a rotation marathon.

Successful credential use is logged where we can check it.

You can answer "who used the Stripe key last week" without grepping shell history on three machines.

Denied or unexpected access attempts are visible.

A blocked attempt is an early warning; if denials vanish silently, you only learn about probing after it succeeds.

We can rotate a secret without hunting through machines and repos.

Rotation means updating one stored value, not a scavenger hunt across laptops, CI settings, and old docs.

A new approved agent can get the right credential without copy/paste.

Provisioning a new agent or machine is a scoped grant, not a human pasting keys into a prompt or config.