⚠️ You might be exposing a secret token, is this intended?

#3
by token-scanner - opened

Please check Space app file as you might be exposing a secret token.
We recommend you to use Repository secrets (env variables) in your Space settings. Afterwards, you can use it like:

import os
SECRET_TOKEN = os.getenv("SECRET_TOKEN")

Read more here. Once this is fixed, we strongly advise you to invalidate or delete your secret so that no one else can use it. In case of a Hugging Face token, you can do this in your settings.

Soumen changed discussion status to closed

Not intended. Probably fixed soon!

Sign up or log in to comment