This is the critical step. If a key with Gemini access is embedded in client-side JavaScript, checked into a public repository, or otherwise exposed on the internet, you have a problem. Start with your oldest keys first. Those are the most likely to have been deployed publicly under the old guidance that API keys are safe to share, and then retroactively gained Gemini privileges when someone on your team enabled the API.
Opens in a new window,这一点在一键获取谷歌浏览器下载中也有详细论述
Additional reporting by Usman Zahid and Mahfouz Zubaide。关于这个话题,同城约会提供了深入分析
FT Edit: Access on iOS and web,详情可参考爱思助手下载最新版本