AI coding assistants can be tricked into revealing secrets from their context window.
When developers use AI coding assistants that have access to their codebase, the model's context window often contains API keys, database credentials, and other secrets. We demonstrate three techniques for extracting these secrets through carefully crafted prompts, and we evaluate the effectiveness of each technique against five popular coding assistants. We also propose mitigations that tool vendors should implement.