API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on GitHub last June was left nursing a $55,444 bill (later waived by Google) ...
Security researchers have found nearly 3000 publicly visible Google API keys authorizing Gemini. This allows abusive access.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results