diff --git a/.changeset/patch-extend-secret-redaction-extensions.md b/.changeset/patch-extend-secret-redaction-extensions.md
new file mode 100644
index 00000000000..3ae738abad0
--- /dev/null
+++ b/.changeset/patch-extend-secret-redaction-extensions.md
@@ -0,0 +1,5 @@
+---
+"gh-aw": patch
+---
+
+Extend secret redaction to .md, .mdx, .yml, .jsonl files
diff --git a/pkg/workflow/js/redact_secrets.cjs b/pkg/workflow/js/redact_secrets.cjs
index b6da4bf33af..f1521940564 100644
--- a/pkg/workflow/js/redact_secrets.cjs
+++ b/pkg/workflow/js/redact_secrets.cjs
@@ -3,7 +3,7 @@
 /**
 * Redacts secrets from files in /tmp/gh-aw directory before uploading artifacts
- * This script processes all .txt, .json, .log files under /tmp/gh-aw and redacts
+ * This script processes all .txt, .json, .log, .md, .mdx, .yml, .jsonl files under /tmp/gh-aw and redacts
 * any strings matching the actual secret values provided via environment variables.
 */
 const fs = require("fs");
@@ -126,7 +126,7 @@ async function main() {
 }
 core.info(`Found ${secretValues.length} secret(s) to redact`);
 // Find all target files in /tmp/gh-aw directory
- const targetExtensions = [".txt", ".json", ".log"];
+ const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".jsonl"];
 const files = findFiles("/tmp/gh-aw", targetExtensions);
 core.info(`Found ${files.length} file(s) to scan for secrets`);
 let totalRedactions = 0;
diff --git a/pkg/workflow/js/redact_secrets.test.cjs b/pkg/workflow/js/redact_secrets.test.cjs
index 4afc1c73e20..868a9357ed4 100644
--- a/pkg/workflow/js/redact_secrets.test.cjs
+++ b/pkg/workflow/js/redact_secrets.test.cjs
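Review bot: In the second hunk of `pkg/workflow/js/redact_secrets.cjs`, `targetExtensions` is still an allow-list, so a file under /tmp/gh-aw with an unlisted extension is presumably uploaded with the artifact without being scanned, and the new list adds `.yml` but not its sibling spelling `.yaml`. I would write `const targetExtensions = [".txt", ".json", ".log", ".md", ".mdx", ".yml", ".yaml", ".jsonl"];` and bring the header comment in the first hunk in line with it. `findFiles` is not visible in this diff, so whether the match is case-sensitive (`.YML`, `.MD`) should be confirmed. Logging the files skipped because of their extension would make any remaining gap visible in the run output. The body of `main()` continues outside the hunk.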
@@ -237,5 +237,36 @@ describe("redact_secrets.cjs", () => {
 // Should complete without error
 expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("No secret values found to redact"));
 });
+
+ it("should handle new file extensions (.md, .mdx, .yml, .jsonl)", async () => {
+ // Create test files with the new extensions
+ fs.writeFileSync(path.join(tempDir, "test.md"), "# Markdown\nSecret: api-key-md123");
+ fs.writeFileSync(path.join(tempDir, "test.mdx"), "# MDX\nSecret: api-key-mdx123");
+ fs.writeFileSync(path.join(tempDir, "test.yml"), "# YAML\nkey: api-key-yml123");
+ fs.writeFileSync(path.join(tempDir, "test.jsonl"), '{"key": "api-key-jsonl123"}');
+
+ process.env.GH_AW_SECRET_NAMES = "API_MD,API_MDX,API_YML,API_JSONL";
+ process.env.SECRET_API_MD = "api-key-md123";
+ process.env.SECRET_API_MDX = "api-key-mdx123";
+ process.env.SECRET_API_YML = "api-key-yml123";
+ process.env.SECRET_API_JSONL = "api-key-jsonl123";
+
+ const modifiedScript = redactScript.replace(
+ 'findFiles("/tmp/gh-aw", targetExtensions)',
+ `findFiles("${tempDir.replace(/\\/g, "\\\\")}", targetExtensions)`
+ );
+
+ await eval(`(async () => { ${modifiedScript} })()`);
+
+ // Check all files were redacted
+ // api-key-md123 (13 chars) -> api + 10 asterisks
+ // api-key-mdx123 (14 chars) -> api + 11 asterisks
+ // api-key-yml123 (14 chars) -> api + 11 asterisks
+ // api-key-jsonl123 (16 chars) -> api + 13 asterisks
+ expect(fs.readFileSync(path.join(tempDir, "test.md"), "utf8")).toBe("# Markdown\nSecret: api**********");
+ expect(fs.readFileSync(path.join(tempDir, "test.mdx"), "utf8")).toBe("# MDX\nSecret: api***********");
+ expect(fs.readFileSync(path.join(tempDir, "test.yml"), "utf8")).toBe("# YAML\nkey: api***********");
+ expect(fs.readFileSync(path.join(tempDir, "test.jsonl"), "utf8")).toBe('{"key": "api*************"}');
+ });
 });
 });
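Review bot: The `redactScript.replace(...)` call in the new test silently does nothing if the literal `findFiles("/tmp/gh-aw", targetExtensions)` ever changes in the script, and the `eval` would then run the redaction against the real /tmp/gh-aw rather than `tempDir`. Adding `expect(modifiedScript).not.toBe(redactScript);` just before the `eval` makes the test fail at the cause. The test also asserts only the positive case; a file with an unlisted extension (for example `test.yaml`) asserted to keep its content would document what the allow-list leaves unredacted. `GH_AW_SECRET_NAMES` and the four `SECRET_API_*` variables are set on `process.env` with no cleanup visible here; the `describe` body starts outside the hunk, so confirm that an `afterEach` removes them.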