What happened with ai agents leak user secrets to third-party logs?

AI agents like OpenAI's OpenClaw send API keys and credentials to external services where they're logged and exposed.

What happened with ai agents leak user secrets to third-party logs?

Developers are treating these agents as literal-minded executors, not intuitive colleagues, to manage their power.

What happened with ai agents leak user secrets to third-party logs?

NEAR's founder argues blockchain is needed to solve AI's fundamental root-of-trust and security problems.

AI & TECH

AI agents leak user secrets to third-party logs

Sunday, March 29, 2026 · from 3 podcasts

Hard Fork The AI Daily Brief: Artif…Bankless

AI agents like OpenAI's OpenClaw send API keys and credentials to external services where they're logged and exposed.
Developers are treating these agents as literal-minded executors, not intuitive colleagues, to manage their power.
NEAR's founder argues blockchain is needed to solve AI's fundamental root-of-trust and security problems.

The AI assistants tasked with managing your digital life are broadcasting your secrets.

On Bankless, NEAR founder Illia Polosukhin revealed that agents like OpenAI's OpenClaw send users' API keys, bearer tokens, and access credentials to third-party services, where they sit exposed in logs. He called the practice "insane." This vulnerability exists as the industry rushes to shift from conversational chatbots to autonomous agents that execute complex tasks.

Illia Polosukhin, Bankless:
- When you use Entropic OpenAI, or even worse, you use something else for inference, OpenClaw actually sends all your secrets to those services as well.
- Somewhere in Entropic and OpenAI logs, they have everybody's access keys, API keys, and bearer tokens to access your Gmails and your Notions.

The agent revolution is already here. On The Ezra Klein Show, Anthropic's Jack Clark described the shift from chatbots to agents that can independently use tools and work over time. This has triggered a 20% drop in software industry stocks as investors price in AI replacing traditional engineering workflows.

Success requires a new mental model. Clark argues users must treat agents not as intuitive colleagues but as literal-minded genies, providing exhaustive specification documents to avoid buggy, literal-minded messes. Nathaniel Whittemore of The AI Daily Brief highlighted new features like Claude's Dispatch that let users delegate persistent tasks and monitor them remotely, moving from operating a tool to managing an agent.

Polosukhin sees these security flaws as a symptom of a deeper architectural problem. His long-term bet is that AI will become the primary computing interface, necessitating a new backend for trust, identity, and payments. He argues blockchain provides that missing root of trust, enabling secure coordination between AIs where today's service model fails.

The industry is sprinting toward autonomous agents, but its foundation is leaking.

Agents Safety Big Tech

Entities Mentioned

Claudemodel— Anthropic's large language model family used for agentic applications and skills

Claude CodeProduct— AI coding assistant from Anthropic that can use agent personality files

IronClawProduct— Secure open-source AI agent runtime by NEAR AI using TEEs

OpenAItrending

OpenClawframework— Community-driven AI agent platform requiring hardware isolation

Source Intelligence

What each podcast actually said

Hard Fork

Casey Newton

The Ezra Klein Show: How Fast Will A.I. Agents Rip Through the Economy? • Mar 27

Also from this episode:

Models (5)

AI is shifting from conversational chatbots to autonomous agents that execute complex tasks over time with tools.
Jack Clark says an AI agent works like a colleague you can give an instruction to, which then goes away and completes the task.
Clark says users fail by treating AI agents like intuitive people; they are instead literal-minded genies requiring exact instructions.
To get professional results, humans must now act as architects, writing exhaustive specification documents for the agent to follow.
A key breakthrough is training reasoning models in active environments like spreadsheets, not just on predicting text.

Markets (1)

The S&P 500 Software Industry Index dropped 20% as markets priced in code-writing AI agents replacing traditional engineering work.

Reasoning (1)

These trained agents develop intuition, letting them course-correct - like pivoting a search strategy - without human intervention.

Labor (1)

This autonomous course-correction ability is what will fundamentally rewrite the labor market for knowledge workers.

Agents Coding Models Enterprise

The AI Daily Brief: Artificial Intelligence News and Analysis

Nathaniel Whittemore

How to Use Claude's Massive New Upgrades • Mar 25

Anthropic's new 'Remote Control' feature for Claude Code allows a desktop-based terminal session to be monitored and directed from a mobile device, creating a persistent, local AI agent.
Because Claude Code runs locally with full access to a user's file system, the Remote Control feature effectively provides a secure remote terminal window to an AI co-pilot on your production machine.
The AI Daily Brief host Nathaniel Whittemore says the feature fundamentally shifts the mental model from 'operating a tool' to 'delegating to an agent,' enabling new workflows.
Anthropic's 'Dispatch' for Claude Cowork creates a persistent, local conversation thread with Claude that users can message from their phone, returning later to find finished work.
Dispatch runs code in a local sandbox, keeps files on the local machine, and requires user approval for actions, which Ethan Malek notes makes it safer and more stable than some open-source alternatives.
According to the show, this trend of 'clawification' is bringing OpenClaw's agent-like capabilities into mainstream, commercially-supported AI products like Anthropic's.
These updates enable users to direct hours of parallel AI work with only minutes of input, fundamentally altering daily work structure by making the AI an omnipresent, background assistant.

Agents Enterprise

Bankless

Illia Polosukhin: Why AI Agents Are Still Useless (And What Fixes Them) | NEAR Founder on IronClaw • Mar 24

Services like OpenAI's OpenClaw send users' API keys, bearer tokens, and access credentials to third-party services, where they sit exposed in logs, a practice Illia Polosukhin calls insane.
Polosukhin's project IronClaw is designed to fix credential exposure by ensuring keys never touch the large language model during agent operation.

Also from this episode:

Models (5)

Polosukhin argues that blockchain solves AI's root-of-trust problem by providing a decentralized backend for identity, payments, and infrastructure coordination.
Polosukhin's long-term thesis is that AI will become the primary interface for computing, effectively replacing traditional operating systems.
When AI becomes the dominant operating system, Polosukhin argues today's service architecture breaks, posing questions of how one AI verifies another and how they transact without centralized payment rails.
Polosukhin sees blockchain as a mechanism for protocol upgrades in AI infrastructure, avoiding the decades-long adoption cycles seen with standards like IPv6.
Polosukhin's initial 2017 venture into AI to teach machines to code faced a bottleneck in training data and paying global contributors, a problem crypto solved by enabling payments without local banking infrastructure.

Agents Big Tech Privacy

The Frontier

AI agents leak user secrets to third-party logs

Entities Mentioned

Source Intelligence

Related Stories