r/ClaudeAI: PSA — Claude Haiku 4.5 Extended Thinking Generated Debug Code That Leaked API Keys to Browser Console

A developer warns that Claude Haiku 4.5 in extended-thinking mode generated debug code that logged live API keys to the browser console, with a screenshot attached. The root cause: the model inserted console.log(config) statements during troubleshooting without recognizing the config object contained live credentials. The poster recommends auditing all AI-generated debug code before execution and never passing full configuration objects containing secrets to AI coding assistants.