Hacker News new | ask | show | jobs
by stwrzn 464 days ago
Nice tool, however if I am correct you are calling the Google generative language API directly, your API key is exposed to the client (the browser).

If you have no spending limits, this is a very (very very very) bad idea.
2 comments
hiesnbugtastic 464 days ago
damn, I can't stress this enough. You publish a key be prepared for millions on dollars of issues.
link
stwrzn 464 days ago
Yes, exactly. Google seems to be calm in this regard luckily as far as i know though.

OP please revoke the key ASAP

link
vinnythejinny 464 days ago
Done. Thanks both of you for pointing out my obvious mistake
link
vinnythejinny 464 days ago
Thanks a lot man. I totally missed it lol. Just fixed it.
link