Bitbucket does not have auto alerts for when a developer accidentally pushes commits with app authentication tokens and passwords to Github or Bitbucket repositories.
Whenever I accidentally commit GCP or Amazon user authentication passwords to Github, I automatically get email alerts to immediately change my user authentication tokens.
Without such a feature, hackers can easily identify an app's login credentials. This is a very high security loophole.