Ok, it seems sufficient to store the key outside the space — it could be set as an environment variable or simply written as a string in any text file. When combined with setting the space to Read-Only via SB, this should constitute the standard approach to key isolation.
In fact, in this post, "Can't deploy latest versions on fly.io - #4 by ChenZhu-Xie", I also stored the GitHub token outside the space (i.e., on the corresponding persistent volume) through init.sh.