As the topic of putting secrets in Open Source code repositories is still an issue for quite some Ruby on Rails projects, today the Ruby on Rails Default Token Database is being made available.
The usage is simple: just paste a Ruby on Rails session cookie (just the value, not the name) into the textbox and click submit. The output should be either that the signing token is known somewhere in the Internet, or not.
Parts of the underlying database are powered by WiK's awesome gitdigger project.
Recommended further reading: