# Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

**Stack:** JavaScript

- Prevalence: 높음 자주 악용됨
- Impact: 치명적 4개의 치명적 심각도 규칙
- Prevention: 문서화됨 14개의 수정 예시

**OWASP:** Broken Access Control (A01:2021-Broken Access Control) - #1

## Description

There are many different kinds of mistakes that introduce information exposures. The severity of the error can range widely, depending on the context in which the product operates, the type of sensitive information that is revealed, and the benefits it may provide to an attacker.

## Prevention

5개의 Shoulder 탐지 규칙을 기반으로 한 Information Exposure 예방 전략.

### JavaScript

Use secrets internally without exposing them in logs, responses, or client-side code

Load API keys from environment variables and proxy LLM calls through your server

Mask or redact PII and credentials before sending data to LLM APIs

## Warning Signs

- [HIGH] when environment variables (which may contain secrets like API keys,
passwords, tokens) are leaked t
- [HIGH] Model theft vulnerability: ...
- [HIGH] vulnerabilities that could lead to model theft or API key exposure
- [HIGH] Potential sensitive information disclosure: ...
- [HIGH] potential sensitive information disclosure in AI/LLM implementations
- [CRITICAL] when sensitive data fields (passwords, tokens, secrets, API keys) are
exposed through API endpoint r
- [CRITICAL] Query on ... may return sensitive fields. Use 'select' to whitelist safe fields or 'omit' to exclude sensitive ones.

## Consequences

- 애플리케이션 데이터 읽기
- 파일 또는 디렉터리 읽기

## Mitigations

- 신뢰 경계를 명확히 그을 수 있는 안전한 영역을 갖도록 시스템을 구획화하세요
- 오류 메시지에는 대상 사용자에게 필요한 최소한의 정보만 포함하도록 하세요

## Detection

- Total rules: 14
- Critical: 4
- Languages: go, javascript, typescript, python

## Rules by Language

### Javascript (5 rules)

- **Environment Variable Secret Exposure** [HIGH]: Detects when environment variables (which may contain secrets like API keys,
passwords, tokens) are leaked through logging, HTTP responses, or external requests.

Environment variables commonly store sensitive data:
- API keys (AWS_ACCESS_KEY_ID, STRIPE_SECRET_KEY)
- Database passwords (DB_PASSWORD, DATABASE_URL)
- JWT secrets (JWT_SECRET)
- OAuth tokens (GITHUB_TOKEN, SLACK_TOKEN)

Leaking these values exposes credentials and allows unauthorized access.

This rule uses taint flow analysis to de
  - Remediation: Use secrets internally without exposing them in logs or responses:

```javascript
const apiKey = process.env.API_KEY;
console.log('API key configured:', !!apiKey);

const jwtSecret = process.env.JWT_SECRET;
const token = jwt.sign({ userId: user.id }, jwtSecret);
res.json({ token });
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/env-vars-secret-exposure
- **LLM Model Theft** [HIGH]: Detects vulnerabilities that could lead to model theft or API key exposure.
OWASP LLM10 - Model Theft.

Model theft can occur through:
- API key exposure in client-side code or logs
- Model weights exposed via insecure endpoints
- Model extraction attacks via unrestricted API access
- Insecure model serialization and storage
- Missing access controls on model endpoints

This rule detects:
- Hardcoded API keys in source code
- API keys in client-side JavaScript
- Model files served without authen
  - Remediation: Load API keys from environment variables and proxy LLM calls through your server.

```javascript
const openai = new OpenAI({
  apiKey: process.env.OPENAI_API_KEY
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/llm-model-theft
- **LLM Sensitive Information Disclosure** [HIGH]: Detects potential sensitive information disclosure in AI/LLM implementations.
OWASP LLM06 - Sensitive Information Disclosure.

Sensitive information can be leaked through:
- PII (Personal Identifiable Information) in prompts
- Credentials or secrets in prompts or system messages
- Sensitive business data sent to third-party LLM APIs
- Logging LLM conversations containing sensitive data
- LLM responses exposed without filtering

This rule detects:
- Sensitive data patterns in LLM prompts
- Creden
  - Remediation: Mask or redact PII and credentials before sending data to LLM APIs.

```javascript
const masked = maskPII(userInput);
const response = await openai.chat.completions.create({
  messages: [{ role: 'user', content: masked }]
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/llm-sensitive-info-disclosure
- **Sensitive Field Exposure in API Response** [CRITICAL]: Detects when sensitive data fields (passwords, tokens, secrets, API keys) are
exposed through API endpoint responses. This commonly happens when:

1. Mapping user data with sensitive fields: `.map(u => ({ password: u.password }))`
2. Returning entire user objects: `res.json(user)` where user has password field
3. Including sensitive fields in response objects: `res.json({ password: user.password })`

This is particularly dangerous when AI-generated code returns user collections
without filtering
  - Remediation: Use explicit field selection to exclude sensitive data from responses:

```javascript
app.get('/api/user/:id', async (req, res) => {
  const user = await User.findById(req.params.id);
  const { password, refreshToken, ...safeUser } = user;
  res.json(safeUser);
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/sensitive-field-response-exposure
- **Prisma Sensitive Field Exposure** [CRITICAL]: Prisma returns all fields by default. Without 'select' or 'omit', password hashes
and API tokens can leak to clients.
  - Remediation: Use 'select' to whitelist safe fields in all queries.

```typescript
const users = await prisma.user.findMany({
  select: {
    id: true,
    email: true,
    name: true
    // passwordHash NOT included
  }
});
```

Learn more: https://shoulder.dev/learn/typescript/cwe-200/sensitive-field-exposure

### Typescript (5 rules)

- **Environment Variable Secret Exposure** [HIGH]: Detects when environment variables (which may contain secrets like API keys,
passwords, tokens) are leaked through logging, HTTP responses, or external requests.

Environment variables commonly store sensitive data:
- API keys (AWS_ACCESS_KEY_ID, STRIPE_SECRET_KEY)
- Database passwords (DB_PASSWORD, DATABASE_URL)
- JWT secrets (JWT_SECRET)
- OAuth tokens (GITHUB_TOKEN, SLACK_TOKEN)

Leaking these values exposes credentials and allows unauthorized access.

This rule uses taint flow analysis to de
  - Remediation: Use secrets internally without exposing them in logs or responses:

```javascript
const apiKey = process.env.API_KEY;
console.log('API key configured:', !!apiKey);

const jwtSecret = process.env.JWT_SECRET;
const token = jwt.sign({ userId: user.id }, jwtSecret);
res.json({ token });
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/env-vars-secret-exposure
- **LLM Model Theft** [HIGH]: Detects vulnerabilities that could lead to model theft or API key exposure.
OWASP LLM10 - Model Theft.

Model theft can occur through:
- API key exposure in client-side code or logs
- Model weights exposed via insecure endpoints
- Model extraction attacks via unrestricted API access
- Insecure model serialization and storage
- Missing access controls on model endpoints

This rule detects:
- Hardcoded API keys in source code
- API keys in client-side JavaScript
- Model files served without authen
  - Remediation: Load API keys from environment variables and proxy LLM calls through your server.

```javascript
const openai = new OpenAI({
  apiKey: process.env.OPENAI_API_KEY
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/llm-model-theft
- **LLM Sensitive Information Disclosure** [HIGH]: Detects potential sensitive information disclosure in AI/LLM implementations.
OWASP LLM06 - Sensitive Information Disclosure.

Sensitive information can be leaked through:
- PII (Personal Identifiable Information) in prompts
- Credentials or secrets in prompts or system messages
- Sensitive business data sent to third-party LLM APIs
- Logging LLM conversations containing sensitive data
- LLM responses exposed without filtering

This rule detects:
- Sensitive data patterns in LLM prompts
- Creden
  - Remediation: Mask or redact PII and credentials before sending data to LLM APIs.

```javascript
const masked = maskPII(userInput);
const response = await openai.chat.completions.create({
  messages: [{ role: 'user', content: masked }]
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/llm-sensitive-info-disclosure
- **Sensitive Field Exposure in API Response** [CRITICAL]: Detects when sensitive data fields (passwords, tokens, secrets, API keys) are
exposed through API endpoint responses. This commonly happens when:

1. Mapping user data with sensitive fields: `.map(u => ({ password: u.password }))`
2. Returning entire user objects: `res.json(user)` where user has password field
3. Including sensitive fields in response objects: `res.json({ password: user.password })`

This is particularly dangerous when AI-generated code returns user collections
without filtering
  - Remediation: Use explicit field selection to exclude sensitive data from responses:

```javascript
app.get('/api/user/:id', async (req, res) => {
  const user = await User.findById(req.params.id);
  const { password, refreshToken, ...safeUser } = user;
  res.json(safeUser);
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-200/sensitive-field-response-exposure
- **Prisma Sensitive Field Exposure** [CRITICAL]: Prisma returns all fields by default. Without 'select' or 'omit', password hashes
and API tokens can leak to clients.
  - Remediation: Use 'select' to whitelist safe fields in all queries.

```typescript
const users = await prisma.user.findMany({
  select: {
    id: true,
    email: true,
    name: true
    // passwordHash NOT included
  }
});
```

Learn more: https://shoulder.dev/learn/typescript/cwe-200/sensitive-field-exposure