security.privacy

Avoid sensitive data in thrown errors

Exceptions and rejection payloads should not include raw secrets or personal data.

#Metadata

#Why it matters

Exception payloads often reach logs, APM tools, and client responses with less review than normal business data.

#Remediation

Replace raw secrets and personal data with opaque identifiers or redacted summaries before throwing or rejecting.
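
The remediation above, shown as an added example (not code from the rule or its repository): the flagged pattern next to a throw and a rejection that carry only an opaque identifier and redacted summaries. ChargeRequest, SafeError, toSafeError, exposedText and all sample values are hypothetical names constructed for illustration.

```typescript
// Added example. All names and sample values are constructed.
interface ChargeRequest {
  userId: string;   // opaque internal identifier
  email: string;    // personal data
  apiToken: string; // secret
}

// Flagged: raw token and email are interpolated into the message, so every
// log line, APM event or client response that copies the message carries them.
function chargeUnsafe(req: ChargeRequest): never {
  throw new Error(`Charge failed for ${req.email} with token ${req.apiToken}`);
}

// Error type whose context holds only identifiers and redacted summaries.
class SafeError extends Error {
  readonly context: Record<string, string | boolean>;
  constructor(message: string, context: Record<string, string | boolean>) {
    super(message);
    this.name = "SafeError";
    this.context = context;
  }
}

// Build the payload from non-sensitive facts about the request.
// `reason` is expected to be a fixed string chosen by the caller.
function toSafeError(req: ChargeRequest, reason: string): SafeError {
  return new SafeError(`Charge failed: ${reason}`, {
    userId: req.userId,                    // opaque identifier
    email: "[redacted]",                   // redacted summary
    tokenPresent: req.apiToken.length > 0, // fact about the secret, not the secret
  });
}

function chargeSafe(req: ChargeRequest): never {
  throw toSafeError(req, "gateway declined");
}

// The same applies to rejection payloads.
function refundSafe(req: ChargeRequest): Promise<void> {
  return Promise.reject(toSafeError(req, "refund window closed"));
}

// Everything a logger or error serializer could pick up from a thrown value.
function exposedText(err: unknown): string {
  const e = err as { message?: string; context?: unknown };
  return `${e.message ?? ""} ${JSON.stringify(e.context ?? {})}`;
}
```

Running exposedText over caught values in a unit test is a cheap regression check that known secret and personal-data fields never appear in error output.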

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.sensitive-data-in-exception.rule.yaml.