📘 What You Learned

This challenge introduces console-based Easter eggs. Some developers mistakenly log sensitive data like tokens, flags, or credentials to the browser console during debugging.

Real-world risk: An attacker inspecting console logs could extract useful intel like JWT tokens, debug endpoints, or secrets left by careless devs.

🔒 How to avoid:

• Avoid using console.log() for sensitive data.
• Minify production JS or strip debug logs before deployment.
• Use environment-based logging (e.g., only show logs in development mode).

Inspect, question, explore — the console is a playground for curious hackers.