Sonnet Markdown audit + Opus TOML audit (post-publish) caught two infrastructure
identity leaks in the public KeiSeiKit-1.0 mirror:
1. Tailscale CGNAT IP `100.91.246.53` (private Forgejo server) appeared 5×:
- BACKUP-INDEX.md:6,17 — including a PR URL exposing branch naming convention
- .forgejo/README.md:3,41,75,87
Replaced with `<private-forgejo>` placeholder. PR URL is now a template form
(no real branch name leaked).
2. Real AWS EC2 instance ID `i-0a8b747023809d451` appeared 2× in
_manifests/infra-implementer.toml:39,104 — directly inside an agent prompt
shipped publicly. Replaced with `<ec2-instance-id>` placeholder.
The IP itself is not internet-routable (Tailscale CGNAT), but the leak still
narrows OSINT scope and reveals our Forgejo-on-Tailscale topology. The EC2
instance ID is a real production resource identifier in our shared-tenancy
deployment; leaking it gives an attacker a confirmed target for AWS-API
enumeration if any other vector ever yields IAM access.
These leaks were already pushed to github main in commits a2b4dd6 + fc03c98.
The HEAD-only scrub clears the working tree and the next commit; full git
history scrub via git-filter-repo is a follow-up if the historical exposure
window matters operationally.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
c250a9c14b