
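# Security Recommendations

API keys carry real usage quota and should be managed as production credentials.

## Key Management

* Do not commit API keys to Git.
* Do not use API keys in front-end code, mobile apps, mini programs, or browser scripts.
* Do not post API keys in chat groups, ticket screenshots, or public logs.
* Create a separate key for each project.
* Regularly clean up keys that are no longer in use.
* Set a reasonable quota and an IP allowlist for production keys.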

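## Server-Side Proxy

If your application needs to issue AI requests from the browser, the recommended architecture is:

```
Browser -> Your backend -> AK AI Gateway
```

This keeps the API key from being exposed to end users.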
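
The backend hop in the architecture above, as an added Python example (not code from the AK AI Gateway documentation). The upstream URL, the `AK_API_KEY` environment variable name, the body size limit, and the Bearer authorization scheme are assumptions used for illustration.

```python
import os
import urllib.request

# Assumptions (not from the documentation): placeholder upstream URL,
# environment variable name, and Bearer-style Authorization header.
UPSTREAM_URL = "https://gateway.example.invalid/v1/chat/completions"
KEY_ENV_VAR = "AK_API_KEY"
MAX_BODY_BYTES = 64 * 1024
# Only these browser-supplied headers are forwarded upstream.
FORWARDED_HEADERS = {"content-type", "accept"}


class ProxyError(Exception):
    def __init__(self, status, message):
        super().__init__(message)
        self.status = status


def build_upstream_request(client_headers, body, env=os.environ):
    """Turn a browser request into the request the backend sends upstream."""
    key = env.get(KEY_ENV_VAR)
    if not key:
        # Fail closed: never forward an unauthenticated or client-keyed request.
        raise ProxyError(500, "server is missing its gateway credential")
    if len(body) > MAX_BODY_BYTES:
        raise ProxyError(413, "request body too large")
    # Allowlist headers, so a client-sent Authorization or Cookie is dropped.
    headers = {k: v for k, v in client_headers.items()
               if k.lower() in FORWARDED_HEADERS}
    headers["Authorization"] = "Bearer " + key
    return urllib.request.Request(UPSTREAM_URL, data=body,
                                  headers=headers, method="POST")


def redact(text, env=os.environ):
    """Mask the key before a string reaches application logs."""
    key = env.get(KEY_ENV_VAR)
    return text.replace(key, "[REDACTED]") if key else text


def forward(client_headers, body, env=os.environ):
    """Send the request upstream; only status and body go back to the browser."""
    req = build_upstream_request(client_headers, body, env)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.status, resp.read()
```

The key lives only in the backend's environment, so rotating it means updating one variable and restarting the service; the browser code never changes.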

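## Quotas and Risk Control

Configure the following according to your business risk:

* A quota for each individual API key.
* An IP allowlist for request sources.
* An expiration time.
* Periodic rate limits.
* Monitoring and balance alerts.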

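## What to Do After Detecting an Anomaly

1. Disable the anomalous API key.
2. Review usage and error requests.
3. Check application logs and the deployment environment.
4. Create a new key and update the environment variables.
5. If account security is involved, change the login password and contact the administrator.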

