I think not. The standard tools read the token from ~/.pypirc (or the console if absent). Inadvertent commits of the token probably only happens if you have a custom script with a hardcoded token.