Title:Paratrooper-newrelic 1.0.1 Ruby Gem exposes API key
From paratrooper-newrelic-1.0.1/lib/paratrooper-newrelic.rb:

lines 25 and 29 expose the API key to the command line where a malicious user can monitor the process tree and steal the login credentials.

 24       def setup(options = {})
 25         %x[curl https://heroku.newrelic.com/accounts/#{account_id}/applications/#{application_id}/ping_targets/disable -X POST -H "X-Api-Key: {api_key}    "]  
 26       end
 27   
 28       def teardown(options = {})
 29         %x[curl https://heroku.newrelic.com/accounts/#{account_id}/applications/#{application_id}/ping_targets/enable -X POST -H "X-Api-Key: #{api_key}"    ]
 30       end