Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Chat GPT token exposed #18

Open
carotm opened this issue Apr 26, 2023 · 3 comments
Open

Chat GPT token exposed #18

carotm opened this issue Apr 26, 2023 · 3 comments

Comments

@carotm
Copy link

carotm commented Apr 26, 2023

If you open slack in a browser you can easily see chat_gtp_token
token

I think it's safer to remove chat_gpt_token from the Action Params and read the token from an environment variable. Also, the environment variable can be added using the value of the chart runner.additional_env_vars value, example:

runner:
  additional_env_vars:
  - name: OPENAI_API_KEY
    value:
@arikalon1
Copy link
Contributor

Thank you for reporting it @carotm
Typically the data required for the callback button is sent as a part of the message, but for we need to find an alternative when the parameters include sensitive data like the chat_gpt_token

@SomasekharSunkari
Copy link

@arikalon1 I want to Work on this Issue

@arikalon1
Copy link
Contributor

Of course @SomasekharSunkari
Do you have a potential solution you thought of?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@arikalon1 @carotm @SomasekharSunkari