⚠️ You might be exposing a secret token, is this intended?
#2
by
token-scanner
- opened
Please check Space app file as you might be exposing a secret token.
We recommend you to use Repository secrets
(env variables) in your Space settings. Afterwards, you can use it like:
import os
SECRET_TOKEN = os.getenv("SECRET_TOKEN")
Read more here. Once this is fixed, we strongly advise you to invalidate or delete your secret so that no one else can use it. In case of a Hugging Face token, you can do this in your settings.
Thanks, i believe we are using Repository secrets, where applicable. Can you provide more details (ideally a file name and line number) about what was identified in your scan?