"Innocuous bytes" fools Claude

I have a private repository that I want to open-source. I asked Claude to scan it for private information that should be scrubbed before release.

It found a couple of things. But it missed (in lib/secrets.py, no less!) a string variable that I cunningly named INNOCUOUS_BYTES but is in fact a cryptographic secret key.