You can try implementing rate limiting and not exposing your API keys to the public.
You're supposed to drive slow and careful, and not rely on seatbelts and airbags.
Yes, and you should! But not doing so resulting in this seems kind of over-the-top. Basically means an oversight can result in your bankruptcy?
Google has specifically said that certain API keys like Firebase are not secrets (since people will find them)... though Gemini then ended up changing stuff. https://news.ycombinator.com/item?id=47156925