Shugit was a little too much on the edge of what really you should be doing. For a while they were running this website called like shugit.com or something, like secret. And it was just a live stream of just all the secrets that were being committed to public repositories. This isn't people accidentally committing their secrets to the improper kind of secure place in their organization where they like accidentally pushed to a private Git repo. It's only showing you public repos with API, like valid API keys be committed to them.