You report a compromised key — with your confirmation the scenario deactivates it in AWS IAM, audits the permissions, applies a restriction and reports to Slack.