The service has changed quite a bit since that first repo. Now I am focusing on granting a whole bunch of API functionality to no-code/low-code users. While the user still needs to send a key over initially, the keys are stored on my system securely, are no longer visible in the generated URL. They are also deleted asap if inactivity with the URL is detected. Now the keys are far less exposed but I appreciate there is still a bridge of trust to be cleared in sending them initially. I hope my continued development of the product shows I am taking the security and privacy aspect of this seriously. If anyone has any questions about this they can talk to me anytime!
The current state of the code is not ready for open source (its quite unique to my setup and secure storage methods). Maybe one day I will make the code more transferable and get it open sourced!