Secure Environment variables and secrets

How can I add environment variables or secrets credentials like token while using any SDK in ghost ?
I want to keep them safe and public user should not be able to access it

If you’re using any SDK in the client/browser, users will always be able to retrieve them one way or another.

Can you tell us more about your specific use case? That way it will be easier to show you potential options.