GitHub Token Scanning automatically scans public repositories to check for known token formats. If and when a token is found, it is checked against provider APIs. The provider will then validate the token and send information to the owner about next steps (token cancellation and re-issuing).

Learn more about Token Scanning