VIDEO
OopsKey – Open-Source Google API Key Audit Tool by Tom
Video Summary:
Google API keys long considered low-risk may now expose far more than expected if Gemini is enabled in a project. The open-source tool OopsKey, created by Tom Pohl at LMG Security, helps security teams quickly identify exposed keys and determine whether they can access AI services or trigger unexpected costs. The takeaway: platform changes can quietly expand the risk of old credentials, so defenders need to reassess API key restrictions and visibility in the AI era. Link to the tool: https://github.com/LMGsec/OopsKey
Google API keys long considered low-risk may now expose far more than expected if Gemini is enabled in a project. The open-source tool OopsKey, created by Tom Pohl at LMG Security, helps security teams quickly identify exposed keys and determine whether they can access AI services or trigger unexpected costs. The takeaway: platform changes can quietly expand the risk of old credentials, so defenders need to reassess API key restrictions and visibility in the AI era. Link to the tool: https://github.com/LMGsec/OopsKey
