It is risky to expose a shared secret token in XML, logs, or QEMU command lines because it can be easily accessed by users or processes. Sharing the token among all VFs means that promoting this model in libvirt could inadvertently reveal the secret https://kandiskoll.se/marcus-och-martinus-mamma-dod/, so alternative methods like per-VF keys or secure token handling should be considered.
