I woke up to a bill that wasn't mine. Balance zeroed, burned on a model I don't use. Someone found my OpenRouter key in an exposed env variable and ran it dry.
That's it. No alert. No threshold. No "maybe check this." Just a zeroed balance and the lesson.
I know what you're thinking — rate limits. Secret audits. Budget caps. Yeah. Living in the real world doesn't always work that way. You push things, you trust the token in export OPENROUTER_KEY=sk-... stays where you left it. It doesn't. A scumbag finds it and your API key becomes their API key.
The annoying part isn't even the money. It's the rethinking. Where else am I exposed?
Then you go looking for help. It's not in the dropdown. Not within easy reach of credit history or billing. Not available to tired eyes at 3am when you're trying to figure out what the hell just happened. There's no button to report. No obvious kill switch. Just the knowledge base telling you to be more careful.
I'm not dropping an X message. Don't care to waste even more time. Support shouldn't be optional. A spending cap should be obvious. An alert for a 3000% spike should exist by default. The "report abuse" button shouldn't require a site drill.
None of that was there. So I took the hit, added a hard limit, scrubbed my env files, moved on.
The scumbag? Nobody. They sweep keys from GitHub repos and deployment logs a hundred times a day. I'm not going to find them.
But I'm going to have a spending cap next time.
Top comments (2)
The
export OPENROUTER_KEY=sk-...line has a persistence vector most people miss: your shell history. That command is now sitting in~/.zsh_historyor~/.bash_historyin plaintext, and it'll survive scrubbing.envfiles, rotating the key, even reinstalling the OS if your home directory is on a separate partition. Worse, if you ever ran that export in a terminal session where an AI coding assistant had terminal context access (Cursor, Copilot in the terminal, etc.), the key may also live in that tool's logs or context cache — a second persistence layer that didn't exist two years ago. For secrets you need in the shell,read -rs OPENROUTER_KEYavoids the history file entirely since read is a shell builtin that doesn't log to history. Or just reference a secrets manager and never let the value touch the shell at all.If only I wrote it on a sticky note. This is a lesson. You can’t be 100% sure. If things can happen - they will. Have a good day sir @circuit