I made a basic chatbot api on a site called repl.it, in which i stupidly left my api key in the code when testing it, i was going to have it so the user could input their key then use the code.
Recently I got charged £2 as thats the limit i set on the key when i made it. I havent used it in 2 months and this was the first spike of activity since then. Im just worried that the api key was used in a way that could breach any polices. Though i have not recieved any emails about violations so i think im in the clear.