I work on the assumption that any secret key will eventually get loose. Not because my clients are careless, but because there are automated programs that do nothing all day but read through public code looking for keys left behind. They are patient and they are fast. Once you accept that a leak is a question of when, the job changes: you stop trying to make a key impossible to lose and start making each key barely worth stealing.

Deleting a key does not erase it

Here is the part that catches people out. The tools your AI uses to track code keep a full history of every version, like a ledger where old entries are crossed out but never torn from the book. If a secret key was written into the code six months ago and removed the next morning, it is still sitting in that history, readable by anyone who copies the project. So a key you thought you had cleaned up may have been quietly exposed the whole time. If your code has ever been public, even briefly, treat the keys from that period as compromised and replace them today.

Tell your AI: "Scan the full code history, not just the current version, for any secret keys ever committed. List them so I can rotate every one, and confirm whether the code was ever public."

Block the key before it is ever saved

Most code platforms now offer a guard that inspects a change for anything that looks like a secret and refuses to save it until the key is removed. Turn it on. It is the difference between catching the mistake in the two seconds before it is recorded and discovering it months later in that permanent history. Ask for the same guard to sweep everything already stored, so old mistakes surface now rather than during an incident.

Tell your AI: "Turn on secret scanning and push protection so any change containing a key is blocked before it is saved, and run a scan over the existing history for anything already there."

Give each key the smallest job possible

The last move is the one that makes a leak survivable. A key does not have to be able to do everything your app can do. You can issue a key that only reads and never changes, one that serves a single purpose, one that refuses to work unless the request comes from your own website. Scoped that tightly, a leaked key is close to useless in a stranger's hands: it opens one narrow drawer instead of the whole building. Do that for every key, and the day one escapes becomes an annoyance rather than a crisis.

Tell your AI: "Review every secret key and cut its permissions to the minimum it needs: read-only where possible, one purpose each, and locked to my own domain. Reissue anything over-privileged."