Fix guide · info · openai_org_id

OpenAI organization ID exposed

Why it matters

The org ID alone isn't a credential. Paired with a leaked API key, it identifies which account is being abused. Mostly informational.

How to fix it

If your OpenAI key is also in the bundle, see /fix/openai_key. The org ID itself doesn't need rotation — it's not a secret.

Did vibecheck flag this on your app?

If you reached this page from a vibecheck inspection report, the redacted match in your scan output is the exact string we found in your bundle. After applying the fix above, run the inspection again — the finding should clear.