@abhisekp To not use encrypted files, or a least not use them in external PR builds. Anything that you give external PRs access to is effectively public information because they contain untrusted code.
An external pull request can be detected in build logic with this Bash condition (see https://docs.travis-ci.com/user/environment-variables/#default-environment-variables):
[[ $TRAVIS_PULL_REQUEST != "false" && $TRAVIS_PULL_REQUEST_SLUG != "$TRAVIS_REPO_SLUG" ]]