== Ask Yourself Whether

* The secret allows access to a sensitive component like a database, a file storage, an API, or a service.
* The secret is used in a production environment.
* Application re-distribution is required before updating the secret.

There would be a risk if you answered yes to any of those questions.