If you are concerned that visitors to the web page might see strings that contain sensitive information, you could consider encryption. However, since it is the browser that executes the JavaScript code, a highly motivated user could still get access to the code, and work at getting at the sensitive information.
Are you hosting the web pages on a server that you control? If so, you could hide a lot of the logic by using a web framework, such as Flask. See:
With Flask, you would use Python to create web pages. Much or all of the sensitive logic could be performed behind the scenes. You could still use p5.js to perform the graphics.