google-gemini/gemini-cli

Inconsistent Error Sanitization in KeychainService

Open

#22146 opened on Mar 12, 2026

4 comments, 0 reactions, 1 assignee. Repository language: TypeScript (103,992 stars, 13,657 forks).

Labels: area/security, help wanted, kind/bug, priority/p3, status/manual-triage, status/need-information

Description

Location: packages/core/src/services/keychainService.ts

The KeychainService is responsible for securely storing and retrieving sensitive credentials (such as API keys) using the operating system's native credential storage via the keytar library.

Currently, core methods such as getPassword, setPassword, and deletePassword directly invoke the underlying keychain operations without wrapping them in error handling. For example:

```typescript
async getPassword(account: string): Promise<string | null> {
  const keychain = await this.getKeychainOrThrow();
  return keychain.getPassword(this.serviceName, account);
}
```

Since these calls rely on native system keychains (Windows Credential Manager, macOS Keychain, Linux Secret Service), unexpected failures in the native layer may throw raw error objects.

Problem

Native errors originating from the keychain layer may contain sensitive metadata such as account identifiers, service names, or other environment-specific details. Because these errors are currently allowed to propagate without sanitization, they could be printed to terminal output or logs, potentially exposing sensitive information.

The initialization logic in the same service already sanitizes native errors before logging, but similar safeguards are not applied to the primary credential operations.

Allowing raw native errors to surface can unintentionally expose sensitive credential metadata in debugging logs or CLI output, creating a potential security and privacy risk.

Solution (suggested)

Introduce consistent error sanitization for keychain operations so that any native exceptions are caught and rethrown as safe, generic errors without exposing sensitive details.
