Attackers scan the public web like a directory to find your infrastructure....

https://www.scribd.com/document/1016148224/Password-Manager-Account-Takeover-Can-Search-Exposure-Help-Attackers-182382

Attackers scan the public web like a directory to find your infrastructure. When your SSH configurations or private repository keys leak into search indices or GitHub, you hand hackers a roadmap for credential stuffing attacks