Critiq Docs
Get started
security.privacy

Avoid writing sensitive data to files

Data exports and local file writes should not persist raw secrets or personal fields.

#Metadata

Rule ID
ts.security.sensitive-data-written-to-file
Severity
high
Confidence
0.9
Languages
javascript, typescript
Presets
recommended, security, strict
Stability
stable
Applies to
block
Tags
filesystem, privacy, rules-catalog, security

#Why it matters

Static files, exports, and backups are easy to copy or retain beyond their intended lifetime.

#Remediation

Redact, hash, or exclude the sensitive fields before writing the file.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.sensitive-data-written-to-file.rule.yaml.

Back to registryOpen rule in repository