Environment variables added on the repository level can be accessed by any users with the push permission in the repository. You can set a repository environment variable to perform scans on each new build.
To complete this task:
In Bitbucket, go to the repository you want to scan and select Settings > Pipelines > Environment variables.
In the Type variable field, enter
In the Type value field, paste your API token.
Verify the Secured checkbox is selected.