An API key is a password that lets your app use a service. Exposed means it is visible somewhere the public can read it, like your code or browser. It matters because anyone who finds it can use that service as you: run up bills, read your data, or send messages in your name. It is a found password.
Information current as at 5 July 2026
Of all the security problems in AI-built apps, the exposed API key is the most common and one of the most consequential, and it is also the easiest to understand. It is a password left in public. Once you grasp what a key is and where it hides, you can find and fix the problem yourself, usually within an hour and at no cost.
Most apps do not do everything themselves. They lean on outside services: a payment processor, an email sender, a mapping service, a database, an AI model. To use one of these, your app has to prove it is allowed, and it does that with an API key, a long secret string the service issues you. Think of it as a password for a service rather than a person. When your app sends a request along with the key, the service trusts it and acts. That is convenient and normal. The danger is entirely about who else can read that key, because the service cannot tell the difference between your app using it and a stranger using the same string.
A key is exposed when it sits somewhere the public can read it. The classic case in AI-built apps is a key written directly into the frontend code, the part that runs in the browser, where anyone can open the page source and see it. It also happens when keys are committed to a public code repository, printed into logs, or returned in a network response. AI builders produce this pattern often, because wiring a key straight into the app is the quickest way to make a feature work in a demo. Technology press reporting (XDA Developers) has described vibe-coded apps routinely shipping with exposed keys and data, which reflects how easily this slips through when the goal is a working prototype rather than a hardened product.
If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.
A found key is a working credential in a stranger's hands. The damage depends on what the key unlocks, and it can be serious. A payment or infrastructure key can be used to run up real charges on your account. A database key can let someone read, change or delete your records, including customer data. An email or messaging key can send messages that appear to come from you, damaging your reputation and reaching your customers. An AI service key can be drained, leaving you with the bill. The service treats the key as proof of permission, so it does exactly what it is told, whether the request came from you or from whoever found the string. This is why an exposed key is not a theoretical risk but a live one.
The fix has two parts. First, rotate every exposed key: go to the service, reset or regenerate the key so the old one stops working immediately, and assume the old one was seen even if you have no proof. Second, move keys off the frontend. Secrets belong in server-side settings, called environment variables, that run on your host and are never sent to the browser. Sensitive services should be called from your backend, which holds the key, rather than directly from the visitor's page. To prevent recurrence, keep a short list of every key your app uses, confirm none appear in the page source, and rotate keys whenever code is shared or a service raises a warning. This is genuinely fixable without paying anyone, though if payment or customer-data keys were exposed, a careful review of what may have been reached is worth it.
If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.
Whether you can name exactly what you want built, or you just know something is leaking, the next step is the same conversation.