lolcreds

Public credential defaults and exposure patterns for authorized security testing.

Moonshot AI / Kimi API

Moonshot AIAI API1 credential

Credentials1 documented
01

API Key

moonshot / api-key

Moonshot AI Kimi API keys authenticate OpenAI-compatible requests to api.moonshot.cn. Moonshot documents creating API Keys, storing them in MOONSHOT_API_KEY, and sending them as Bearer tokens.

user definedsecretAPI key

Looks like

example
example

Moonshot/Kimi API key form commonly used with OpenAI-compatible clients

sk-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Location

environment
MOONSHOT_API_KEY
http header
Authorization

Bearer token used by Moonshot / Kimi OpenAI-compatible API calls

source code

Kimi examples, OpenAI-compatible clients, coding-agent config, notebooks

config file

.env, shell profiles, deployment manifests, LLM gateway config

secret store

CI/CD variables, hosted app settings, cloud secret managers

logs

HTTP client logs and proxy logs containing Authorization headers

Notes

Kimi's API is OpenAI-compatible, so Moonshot keys commonly appear in generic OpenAI SDK configuration with a custom base URL.

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.