From f91edde32aa12072136b6c6b312281f95266a815 Mon Sep 17 00:00:00 2001
From: Nicholas Tindle
Date: Sun, 8 Feb 2026 20:35:13 -0600
Subject: [PATCH] fix(backend): mask email PII in waitlist logging
Avoid logging raw email addresses by masking to first char + domain.
Co-Authored-By: Claude Opus 4.5
---
 autogpt_platform/backend/backend/api/features/store/db.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/autogpt_platform/backend/backend/api/features/store/db.py b/autogpt_platform/backend/backend/api/features/store/db.py
index 20de7225db..c2842c5656 100644
--- a/autogpt_platform/backend/backend/api/features/store/db.py
+++ b/autogpt_platform/backend/backend/api/features/store/db.py
@@ -2138,9 +2138,11 @@ async def add_user_to_waitlist(
 where={"id": waitlist_id},
 data={"unaffiliatedEmailUsers": current_emails},
 )
- logger.info(f"Email {email} added to waitlist {waitlist_id}")
+ # Mask email for logging to avoid PII exposure
+ masked = email.split("@")[0][0] + "***@" + email.split("@")[1] if "@" in email else "***"
+ logger.info(f"Email {masked} added to waitlist {waitlist_id}")
 else:
- logger.debug(f"Email {email} already on waitlist {waitlist_id}")
+ logger.debug(f"Email already exists on waitlist {waitlist_id}")
 # Re-fetch to return updated data
 updated_waitlist = await prisma.models.WaitlistEntry.prisma().find_unique(
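Review bot: The added `masked = ...` line can raise `IndexError` when the address has an empty local part (a constructed value such as `@example.test`), because `email.split("@")[0][0]` indexes an empty string. It runs after what appears to be the update call whose tail is visible above, so a logging statement could fail the request once the write has already happened; whether `email` is validated earlier is not visible in this hunk and should be confirmed. `email.split("@")[1]` also returns the middle piece when the value contains more than one `@`, which can put part of the local part into the log. A safer form is `local, _, domain = email.rpartition("@")` followed by `masked = f"{local[:1]}***@{domain}" if local and domain else "***"`. The first character plus the full domain is still identifying for single-user domains, so consider logging only `waitlist_id` here as the `else` branch now does; `add_user_to_waitlist` starts and ends outside the hunk.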