Publish something to Github in a public repo? It pulls it, scans it, and reports!
Especially if you accidentally put in keys