API Radar - See your leaked API keys before attackers do

I’m building API Radar as a solo dev to answer one question: “Which of our API keys are already leaked in public?” This launch ships a rebuilt engine that continuously pulls exposed keys from public GitHub and turns them into a searchable feed you can filter by provider, repo, file path, and time. The goal is to go from “some scanner says something is bad” to “here’s the exact key, in this file, in this repo – now revoke and rotate.” I’d love brutal feedback from developers, DevOps/SRE, and security folks: Would this slot into how you handle secrets right now? What’s missing to make this something you’d rely on during incidents? Happy to dive into technical details, detection logic, and roadmap in the comments.