In order for the 'wikimedia' Travis-CI builds to run user tests on the beta sites, the standard test account 'Pywikibot-test' needs to exist with the same password used elsewhere.
As beta sites only use http, that means the password for the account used on real wikis needs to be used on the beta sites, and can be captured easily. It is a risk. The Pywikibot-test account could become compromised. That may not be a serious problem as the account doesnt have any special permissions. However HTTPS on beta (T50501) would be solve this problem.
The solution was to use an oauth account, which is less problematic from a shared password perspective.