Remove sensitive data from debug logs#50

Open
Catafal wants to merge 1 commit into farzaa:main from Catafal:fix/remove-sensitive-logging

Conversation

@Catafal

@Catafal Catafal commented Apr 10, 2026

Feature

Remove PII and security-sensitive values from debug print statements (resolves #44)

Problem

Seven print() calls were writing sensitive runtime data to the system log, visible in Console.app to anyone with local machine access:

| Location | What was leaked |
| --- | --- |
| AssemblyAIStreamingTranscriptionProvider.swift:44 | First 20 chars of a live AssemblyAI bearer token |
| CompanionManager.swift:522 | Full verbatim user speech transcript (every word spoken) |
| CompanionManager.swift:679 | Exact screen coordinates + human-readable UI element label |
| CompanionManager.swift:681 | UI element label (no-coordinate path) |
| CompanionManager.swift:1020 | Element label + Claude's exact spoken response (onboarding) |
| ElementLocationDetector.swift:113–116 | Raw and scaled pixel coordinates of pointed-at element |
| ElementLocationDetector.swift:257 | Raw Computer Use coordinate of target element |

Changes

AssemblyAIStreamingTranscriptionProvider.swift

  • "fetched temporary token (abc123prefix...)" → "fetched temporary token (OK)"

CompanionManager.swift

  • "received transcript: <user's words>" → "received transcript (N chars)"
  • Element coordinate + label logs → content-free status messages
  • Onboarding demo label + spoken text log → "pointing at element"

ElementLocationDetector.swift

  • Coordinate mapping log (raw + scaled pixel values) → single comment explaining the omission
  • Raw coordinate log → comment explaining the omission

What was NOT changed

All low-severity logs (lifecycle events, error descriptions, payload sizes, provider names) are unchanged — they contain no user data and are useful for debugging.

Testing

  • Build and run: Console.app should show no transcript text, no token values, no element labels or coordinates in Clicky output
  • Push-to-talk still works normally (logging is an additive-only change)

Closes #44

Seven print statements were logging PII and security-sensitive values:
- User speech transcripts verbatim (CompanionManager.swift)
- AssemblyAI bearer token prefix (AssemblyAIStreamingTranscriptionProvider.swift)
- Screen element labels and pixel coordinates (CompanionManager.swift x3, ElementLocationDetector.swift x2)

Fixes:
- Token log → "fetched temporary token (OK)" (no token content)
- Transcript log → char count only (no speech content)
- Element/coordinate logs → replaced with content-free status messages

Low-severity logs (lifecycle events, error descriptions, payload sizes) are unchanged.

Fixes farzaa#44

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
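The PR above replaces each sensitive print with a content-free status string by hand. The following is an added example, not code from PR #50 or from the Clicky project, showing one way to make that the default: a `Sensitive` wrapper whose only printable form is the summary, and a `debugLog` that accepts only `LogSafe` fields, so a raw `String` transcript or token cannot be interpolated by accident. All type and function names (`LogSafe`, `Sensitive`, `ScreenPoint`, `debugLog`) are hypothetical, and the sample token and transcript are constructed values.

```swift
import Foundation

/// Anything that may be interpolated into a debug log line.
/// Plain String deliberately does NOT conform, so raw text cannot be passed by accident.
protocol LogSafe {
    var logDescription: String { get }
}

extension Int: LogSafe {
    var logDescription: String { String(self) }
}

extension Bool: LogSafe {
    var logDescription: String { self ? "OK" : "failed" }
}

/// Wraps a secret or PII value. Every printable form is a content-free summary,
/// so `print`, string interpolation and `debugPrint` all emit the summary,
/// never the transcript, token or coordinate held inside.
struct Sensitive<Value>: LogSafe, CustomStringConvertible, CustomDebugStringConvertible {
    private let value: Value
    private let summary: String

    init(_ value: Value, summary: String) {
        self.value = value
        self.summary = summary
    }

    /// The only way to reach the real value: an explicit call that stands out in review.
    func unwrap() -> Value { value }

    var logDescription: String { summary }
    var description: String { summary }
    var debugDescription: String { summary }
}

/// A screen position as used by element-location code (hypothetical type, field names assumed).
struct ScreenPoint {
    let x: Double
    let y: Double
}

extension Sensitive where Value == String {
    /// Mirrors the PR's "received transcript (N chars)" message: length only, no words.
    static func transcript(_ text: String) -> Sensitive<String> {
        Sensitive(text, summary: "transcript (\(text.count) chars)")
    }

    /// Mirrors the PR's "fetched temporary token (OK)" message: presence only, no prefix.
    static func token(_ token: String) -> Sensitive<String> {
        Sensitive(token, summary: token.isEmpty ? "token (missing)" : "token (OK)")
    }
}

extension Sensitive where Value == ScreenPoint {
    /// Coordinates and element labels collapse to a status word, as in the PR.
    static func coordinate(_ point: ScreenPoint) -> Sensitive<ScreenPoint> {
        Sensitive(point, summary: "coordinate (resolved)")
    }
}

/// Debug logger that accepts only LogSafe fields; returns the line it printed.
@discardableResult
func debugLog(_ event: String, _ fields: any LogSafe...) -> String {
    let line = ([event] + fields.map { $0.logDescription }).joined(separator: " ")
    print(line)
    return line
}

// Constructed sample values; the token is a fake placeholder, not a real credential.
let rawToken = "abc123prefix-REST-OF-FAKE-TOKEN"
let rawSpeech = "open the settings window"

// Before (the pattern the PR removed): content reaches the system log.
// print("fetched temporary token (\(rawToken.prefix(20))...)")
// print("received transcript: \(rawSpeech)")

// After: the wrapper summarises, and the raw value never reaches the log.
debugLog("fetched temporary", Sensitive<String>.token(rawToken))
debugLog("received", Sensitive<String>.transcript(rawSpeech))
debugLog("pointing at", Sensitive<ScreenPoint>.coordinate(ScreenPoint(x: 812, y: 344)))
debugLog("transcript provider ready", true)

// Even an accidental plain print shows only the summary.
print(Sensitive<String>.transcript(rawSpeech))

// Compile-time guard: this line would NOT build, because String is not LogSafe.
// debugLog("received", rawSpeech)
```

The design choice is to move the check from review time to compile time: a later contributor who writes `debugLog("received", transcript)` with a plain `String` gets a build error rather than a silent leak into Console.app, and any call to `unwrap()` is an explicit, grep-able signal that content is being used deliberately.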


Development

Successfully merging this pull request may close these issues.

Critical Security Issues