Intent-Code Divergence
High
- Confidence
- 98% confidence
- Finding
- The code computes a redacted preview for the response, but the audit event always stores previewSource.slice(0, 1200), which is derived from the raw unredacted payload. This can leak secrets, credentials, prompt contents, or sensitive tool parameters into logs even when the caller explicitly requests redaction, defeating the security purpose of the scanner and creating a secondary disclosure channel.
