If you find an exposed token in the wild, for a service supported by GitHub Secret Scanning, uploading it to a Gist will either immediately revoke it or notify the owner.
it works for any gist, public or private. it doesn't need to follow a certain format. it's just based on how the secret itself is formatted—it works for secrets that have a predictable pattern, like the AWSK prefix for Amazon keys.
if algolia keys have this predictable pattern, then they can enroll in secret scanning. If they don't then they probably can't