Challenge 56 ☆
Welcome to challenge Challenge 56.
Find the secret hidden in the WrongSecrets repository. This challenge focuses on AI.
💡 Look for: Configuration files, source code, environment variables, Docker files, or cloud infrastructure related to this challenge.
We wanted to see if AI could make a challenge for us. Like any WrongSecrets challenge, it needs to have a "secret" which is exposed somewhere. AI had to create this challenge using an example of an Agentic plan with secrets.
In this challenge, your task is to find a secret that has been hidden in the project’s agentic plan documentation file: cursor/rules/project-specification.mdc
.
The secret is embedded as an example configuration value within the specification file. Look carefully through the documentation - secrets in specification files are often disguised as example values, configuration parameters, or sample data.
Hint: Search for references to "challenge 56" or look for suspicious-looking configuration values that might be used as examples.
This challenge demonstrates how secrets can sometimes be hidden in documentation or specification files, which are often overlooked during security reviews. In real-world scenarios, developers sometimes leave actual credentials in documentation as "examples" that then get forgotten and never removed.
This challenge was generated entirely by AI and is therefore very different from the other challenges in this project.