AI Leak Watch - Tracking Potential AI API Key Leaks

🔍">

Current Snapshot

...

Potential AI API key matches

Last Updated: Loading...

Next Refresh: Loading...

Source: GitHub code search aggregate counts

Data may be stale. The last successful refresh was more than 40 days ago.

How this is counted:<br>Aggregate GitHub code search matches for provider key prefixes. Results can include examples,<br>revoked keys, and false positives. No secrets or repository contents are stored.

Monthly Trend

Monthly snapshots by provider

Why This Matters

These numbers represent potential AI API key matches found in public GitHub repositories.<br>Some may be test strings, examples, or already revoked keys, but others could be active<br>credentials that pose security risks. Attackers can use active keys to make API calls on your behalf,<br>potentially exhausting your quota or running up costs.

Educational Purpose: This dashboard was created to raise awareness about<br>the importance of proper secrets management in AI development. Always use environment variables,<br>secrets managers, or secure configuration files - never hardcode API keys in your codebase.

Read More: For a deeper dive into this issue and practical solutions,<br>check out the full blog post: "It's 2025. Why Are We Still Pushing API Keys to GitHub?"

Key Tools to Protect Your Keys:

ASH (Automated Security Helper) - Comprehensive SAST, SCA, and IaC security scanner

TruffleHog - Advanced secrets detection