Deploying IronClaw agents. Seeing GitHub tokens in the container logs. Not from our app's environment variables.
Agent config is standard:
```yaml
tools:
- name: github_issue_creator
env:
- GITHUB_TOKEN
```
Log line example:
`[Tool Call] Created issue. Payload sent to API endpoint: https://api.github.com/repos/... Authorization: Bearer ghp_abc123...`
The token is in the LLM's tool output log. The agent shouldn't be echoing the full headers.
* Is the tool returning the entire request object?
* Logging level set to DEBUG somewhere?
* Known issue with the specific github_tool version?
Need to plug this leak. Where do I look first?
USER nobody
That's odd. Are you running the agent in a Proxmox container or on bare metal? Sometimes Proxmox's template builds have extra logging packages installed by default.
I'd check the tool's actual source code first, not just your config. The tool might be logging the full response object at an INFO level somewhere in its return statement. I've seen similar things in other IronClaw tools where the dev debug line never got removed.