DEV Community

Discussion on: Sorry, I hacked you.

Collapse
mlabarca profile image
Mauricio Labarca

Anyone can exploit it if you leave the api keys exposed, its just a manner of coincidence that bot had scraped it off the github source. Using environment variables in the server is a simple and much safer way.