GPGME KEYLIST_MODE_WITH_SECRET always returns key->secret = true if the keylist is done with a specific pattern.
I think this comes from the fact that gnupg apparently reports "there is a stub" for any such key.
E.g. with the key for wk@gnupg.org (can be any key):
A keylist without patterns returns the correct result:
$ gpg --with-colons --list-keys --with-secret | grep F2AD85AC1E42B367 pub:f:2048:17:F2AD85AC1E42B367:1199118275:1546232400::f:::scESC::::::::0: fpr:::::::::80615870F5BAD690333686D0F2AD85AC1E42B367:
But if a pattern is provided:
$ gpg --with-colons --list-keys --with-secret 80615870F5BAD690333686D0F2AD85AC1E42B367 | grep F2AD85AC1E42B367 pub:f:2048:17:F2AD85AC1E42B367:1199118275:1546232400::f:::scESC:::#:::::0: fpr:::::::::80615870F5BAD690333686D0F2AD85AC1E42B367:
Note the # in the S/N field 15. T