Previously, Review Bot did not check for credentials that may have been

accidentally included in the commit. A human reviewer would have to 

look out for them, but we hoped to move more of this task's burden 

to Review Bot.
A new Credentials Check tool has been added to Review Bot which 

looks for various key files, other sensitive files and inline embedded

AWS credentials to make sure these are not pushed to the repository.

Manual tests (correctly finds and creates issues on lines with the

credentials, or marks the first line of a file type (including 

file types specified from options tab) that should not have been 

included e.g. .pem files).