The password is exposed when running some procedures from the command line.
For example with the procedures LogShipping_Add_PrimaryDatabase (@BackupPassword) and LogShipping_Add_PrimaryDatabase(@RestorePassword).
The password is required when encrypting . Therefore you must type the password in which case you will be exposing it.
The workaround is to generate the script from the wizard as it will automatically encrypt the password being used