[Stability][BUG-006] Chat export includes hidden context, memory, reasoning, and trace
#3117 opened on May 21, 2026
Description
Parent stability dashboard: #3107
This issue tracks BUG-006 from #3107.
Problem
Normal chat export can include content that is not visible in the chat transcript.
Observed exported content included:
<system-reminder><memory><current_date>- Thinking/reasoning details
- tool call names / trace-like information
Important distinction: this was not observed as raw system prompt leakage. The concrete issue is that hidden dynamic context, memory, reasoning content, and debug trace can be included in a normal user export.
Code evidence
The chat UI has hidden-message filtering, but export does not appear to apply the same boundary:
frontend/src/core/threads/export.ts
Markdown export includes reasoning blocks:
<details>
<summary>Thinking</summary>
...
</details>
JSON export maps raw messages more directly and can include tool-related fields.
Source: checkpoint/state inspection of AI messages.
AIMessage.additional_kwargs.reasoning_content
So even if the normal UI hides it, export paths must explicitly filter it.
Impact
- A user export is not a clean transcript.
- Memory injected into model context can be exported as if it were part of the conversation.
- Reasoning/tool traces can expose internal behavior that users did not ask to export.
- Product privacy/debug boundaries are ambiguous.
Expected behavior
Default export should include only the user-visible transcript:
- visible user messages;
- visible assistant final answers;
- visible artifact/file references if already shown to the user.
Default export should exclude:
- hidden messages marked
hide_from_ui; - dynamic context reminders;
- memory injection;
- thinking/reasoning content;
- tool calls and tool results.
If raw trace export is needed, it should be a separate explicit debug/admin export surface.