The risk is small and we do provide a way to make it secure.
There are two ways to reduce the risk of your token being abused :
Our system allows a token to be locked to a specific domain(s). Usage on any other domains will be denied.
Use a data relay script on your own server. This will hide your token on your server and you can implement additional security there.
Please get in touch if you would like more information on this topic.