The irony: the model trained on leaked API internals is the same model teams hand their API keys to for debugging. Every time someone pastes a key into a prompt to troubleshoot a 401, that credential goes through the same pipeline. Key rotation helps but only if you know the key leaked. Most teams find out from a bill, not a log.