Security: Plaintext GitHub token stored in ~/.changetrace/auth.json

The file `~/.changetrace/auth.json` currently stores GitHub access tokens in **plaintext**. 

Example content:
```
[  
  {  
    "Provider": "github",  
    "AccessToken": "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",  
    "Username": null,  
    "Id": "01KJT91EWDSZGMRNQ7C4W039VX",  
    "CreatedAt": "2026-03-03T16:38:30.0304005+00:00"  
  }  
]
```

### Security Risk

- Any local user or process with access to the home directory can read the token.
- Token may accidentally be committed to version control or included in backups.
- Token provides direct access to GitHub account depending on assigned scopes.

**Priority:** High – affects authentication security.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security: Plaintext GitHub token stored in ~/.changetrace/auth.json #2

Security Risk

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Security: Plaintext GitHub token stored in ~/.changetrace/auth.json #2

Description

Security Risk

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions