[Feature Request] Mask/sanitize client sensitive data references

[ssukienn]

Is your feature request related to a problem? Please describe.

Security Risk: When a handle object is accidentally passed to serialization layers (e.g., JSON.stringify, logging frameworks, or HTTP responses), it exposes the internal client reference which contains:

• Unmasked API keys
• Authentication credentials
• Other sensitive configuration data

There might be more objects with references to the client or other objects with sensitive fields.

This creates a critical security vulnerability where sensitive information can be leaked through:

• Application logs
• HTTP response bodies
• Error messages
• Debug outputs

While handle objects are not intended to be serialized or returned in responses, human errors are inevitable, and this risk could be mitigated at the SDK level.

Example scenario:

// Accidental exposure risk
app.get('/status', (req, res) => {
 res.json({ 
   workflowStatus: 'running',
   handle: workflowHandle // ops, this could expose API keys if serialized with something like superjson
 });
});

Describe the solution you'd like

1. Implement custom serialization behavior for objects containing sensitive data:

• Override toJSON() methods to exclude or mask sensitive fields
• Add serialization guards that prevent accidental exposure

2. Redesign the data model for sensitive information:

• Consider using structures that prevent the serialization of its content

3. Handle advanced serialization libraries:

• Account for libraries like superjson that to some extent bypass standard JS serialization
• Implement deeper protection mechanisms that work across different serialization methods

Additional context

Current behavior problems:

Version: @temporalio/client - 1.11.2