Secret Scanner Erroneously Flagging Intentionally Public Keys

[coppinger]

The secret scanner is flagging intentionally-public Algolia search keys as credentials, killing the worker before it can return any results.

• Attempting to scrape ycombinator.com or query the YC Algolia API always results in the worker being killed
• Error: "Tool output contained a secret. Agent terminated to prevent exfiltration."
• Likely cause: YC's site embeds public Algolia API keys in its page JS, which the secret scanner flags as credentials
• These keys are intentionally public (this is a false positive)