diff --git a/.gitignore b/.gitignore
index 06d1697..fbb3d46 100644
--- a/.gitignore
+++ b/.gitignore
@@ -89,6 +89,10 @@ docker-compose.override.yml
 temp/
 tmp/
 
+# Batch processing error files (may contain API tokens from templates)
+docs/batch_*.jsonl
+**/batch_*_error.jsonl
+
 # Database files
 # Database files - nodes.db is now tracked directly
 # data/*.db
diff --git a/MEMORY_TEMPLATE_UPDATE.md b/MEMORY_TEMPLATE_UPDATE.md
index 97080c4..91c2b9c 100644
--- a/MEMORY_TEMPLATE_UPDATE.md
+++ b/MEMORY_TEMPLATE_UPDATE.md
@@ -130,10 +130,16 @@ sqlite3 data/nodes.db "SELECT COUNT(*) FROM templates"
 
 # 4. Generate AI metadata for new templates (optional, requires OPENAI_API_KEY)
 npm run fetch:templates -- --metadata-only
+
+# 5. IMPORTANT: Sanitize templates before pushing database
+npm run build
+npm run sanitize:templates
 ```
 
 Templates are independent of n8n version - they're just workflow JSON data.
 
+**CRITICAL**: Always run `npm run sanitize:templates` before pushing the database to remove API tokens from template workflows.
+
 **Note**: New templates fetched via `--update` mode will NOT have AI-generated metadata by default. You need to run `--metadata-only` separately to generate metadata for templates that don't have it yet.
 
 ## Troubleshooting
diff --git a/src/utils/template-sanitizer.ts b/src/utils/template-sanitizer.ts
index 9c11d67..90d7639 100644
--- a/src/utils/template-sanitizer.ts
+++ b/src/utils/template-sanitizer.ts
@@ -19,11 +19,17 @@ export const defaultSanitizerConfig: SanitizerConfig = {
   tokenPatterns: [
     /apify_api_[A-Za-z0-9]+/g,
     /sk-[A-Za-z0-9]+/g, // OpenAI tokens
+    /pat[A-Za-z0-9_]{40,}/g, // Airtable Personal Access Tokens
+    /ghp_[A-Za-z0-9]{36,}/g, // GitHub Personal Access Tokens
+    /gho_[A-Za-z0-9]{36,}/g, // GitHub OAuth tokens
     /Bearer\s+[A-Za-z0-9\-._~+\/]+=*/g // Generic bearer tokens
   ],
   replacements: new Map([
     ['apify_api_', 'apify_api_YOUR_TOKEN_HERE'],
     ['sk-', 'sk-YOUR_OPENAI_KEY_HERE'],
+    ['pat', 'patYOUR_AIRTABLE_TOKEN_HERE'],
+    ['ghp_', 'ghp_YOUR_GITHUB_TOKEN_HERE'],
+    ['gho_', 'gho_YOUR_GITHUB_TOKEN_HERE'],
     ['Bearer ', 'Bearer YOUR_TOKEN_HERE']
   ])
 };