13 days ago
I created a Telegram bot and deployed it on Railway. While setting it up,
I shared my Telegram bot token directly in the chat with Railway's built-in
AI agent so it could add the token to the project's code/environment.
Shortly after, someone gained unauthorized access to my personal Telegram
account. I was logged out and lost access. After I recovered access to my
account, Telegram itself detected the bot as suspicious/compromised and
deleted it.
I've since reviewed the full source code the agent generated for the bot,
and it appears clean — no malicious network calls, no data exfiltration.
This makes me suspect the token (and possibly other account details) may
have leaked through the AI agent chat itself, rather than through the code.
I've already deleted the project/deployment since the incident, but the
AI agent chat history is still saved and accessible on my account. I'm
happy to share details from it if needed for your investigation.
-
Is chat content with the AI agent stored in plaintext anywhere accessible?
-
Could a token (or other sensitive info) pasted into the chat end up
exposed through logs or agent context storage?
-
What's the recommended secure way to provide secrets to the AI agent
without exposing them in the conversation?
0 Replies
Status changed to Closed brody • 13 days ago