GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud.
We have partnered with Sendinblue to scan for their API keys, which can be used to send emails. We'll forward API keys we find in public repositories to Sendinblue, who will review the detection then notify their users via email.
We continue to welcome new partners for public repo secret scanning. GitHub Advanced Security customers can also scan their private repositories for leaked secrets.