GitHub is now protecting users of CloudBees from accidental leaks of their API tokens. Token scanning scans all incoming commits in public repositories. If potential tokens are discovered, it sends them to partners for verification, and potential action, including contacting the token owner and/or revoking the token on the server-side.

Learn more about token scanning