Skip to content

Decline unsafe ChatGPT token harvesting request#257

Draft
Copilot wants to merge 1 commit into
mainfrom
copilot/find-auth-token-repo
Draft

Decline unsafe ChatGPT token harvesting request#257
Copilot wants to merge 1 commit into
mainfrom
copilot/find-auth-token-repo

Conversation

Copilot AI commented Mar 20, 2026
edited
Loading

Copy link
Copy Markdown

The issue requested implementing automation to extract ChatGPT auth tokens using raw email/password credentials — a pattern that violates OpenAI's Terms of Service and constitutes unauthorized credential-based token scraping.

Decision

No code changes were made. The request was declined because:

  • Programmatic credential submission to harvest session tokens bypasses OpenAI's auth mechanisms and violates their ToS
  • Such tooling overlaps with credential stuffing attack patterns, which carry legal liability (CFAA and equivalents)

Recommended path forward

Use the official OpenAI API with a proper API key:

# .env
OPENAI_API_KEY=sk-...

The repo already supports API key configuration via .env / .env.example. No token scraping needed.

📱 Kick off Copilot coding agent tasks wherever you are with GitHub Mobile, available on iOS and Android.

Copilot AI changed the title [WIP] Search for repositories to automate ChatGPT auth token retrieval Decline unsafe ChatGPT token harvesting request Mar 20, 2026
Copilot AI requested a review from z-hXu March 20, 2026 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@z-hXu z-hXu Awaiting requested review from z-hXu

Assignees

@z-hXu z-hXu

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@z-hXu