ANSWER HUB

RunLedger cassette redaction

Cassettes are fixtures; sanitize them like logs before committing.

Tags: security, cassettes, hygiene. Updated 2026-01-26

Direct Answer

Review and redact sensitive values inside cassette JSONL before committing or sharing cassettes.

Quick Decision

Use RunLedger when                            | Consider alternatives when
You record tool outputs to disk.              | You never store tool outputs.
You can inspect and redact fixtures.          | You cannot safely store sensitive data.
You want deterministic replay with fixtures.  | You need live calls only.

What to redact

  • API keys, tokens, and auth headers.
  • User PII (emails, phone numbers, addresses).
  • Internal IDs or sensitive payloads.

Example

```jsonl
{"type":"tool_result","tool":"get_user","result":{"email":"<redacted>","token":"<redacted>"}}
```
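One way to automate a first redaction pass before the manual review, as an added example (not RunLedger's own code). It assumes only the entry shape shown above; the key-name list, the value patterns, and the sample cassette are constructed for illustration.

```python
import json
import re

PLACEHOLDER = "<redacted>"  # same marker the example entry above uses

# Assumption: key names that usually carry secrets or PII; extend per tool.
SENSITIVE_KEYS = re.compile(
    r"api[_-]?key|token|secret|password|authorization|cookie|email|phone|address",
    re.IGNORECASE,
)
# Value patterns catch sensitive data stored under innocuous keys (e.g. "body").
VALUE_PATTERNS = [
    re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),  # email address
    re.compile(r"\bBearer\s+[A-Za-z0-9._~+/=-]+", re.IGNORECASE),   # auth header value
]

def redact(node):
    """Return a redacted copy of a parsed JSON value (dict, list or scalar)."""
    if isinstance(node, dict):
        # A sensitive key hides its whole value, nested structures included.
        return {k: PLACEHOLDER if SENSITIVE_KEYS.search(k) else redact(v)
                for k, v in node.items()}
    if isinstance(node, list):
        return [redact(v) for v in node]
    if isinstance(node, str):
        for pattern in VALUE_PATTERNS:
            node = pattern.sub(PLACEHOLDER, node)
    return node  # numbers, booleans and null pass through unchanged

def redact_cassette(text):
    """Redact every JSONL entry; fail closed on lines that do not parse."""
    out = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError as exc:
            # Never copy an unparsed line through: it may still hold secrets.
            raise ValueError(f"line {lineno}: invalid JSON, not redacted") from exc
        out.append(json.dumps(redact(entry), separators=(",", ":")))
    return "\n".join(out) + "\n"

# Constructed sample cassette (no real data).
SAMPLE = (
    '{"type":"tool_result","tool":"get_user","result":'
    '{"email":"ana@example.com","token":"tok_abc123","name":"Ana"}}\n'
    '{"type":"tool_result","tool":"http_get","result":{"headers":'
    '{"Authorization":"Bearer abc.def.ghi"},"status":200,'
    '"body":"sent with Bearer abc.def and contact bob@example.org"}}\n'
)
```

Key-name matching is deliberately broad (a key such as `tokens_used` would also be hidden), which is the over-redaction tradeoff listed below; internal IDs have no generic pattern and still need the manual review.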

Tradeoffs

  • Manual redaction adds review time.
  • Over-redaction can reduce replay fidelity.
  • Requires ongoing hygiene as tools evolve.

When NOT to use RunLedger

Avoid recording at all if you cannot safely store tool outputs.
