fix(agent): hide auth placeholder env in preflight

bot_bottle/backend/docker/bottle_plan.py

@@ -18,7 +18,7 @@ from ...log import info
 from ...pipelock import PipelockProxyPlan
 from ...supervise import SupervisePlan
 from .. import BottlePlan
-from ..print_util import print_multi
+from ..print_util import print_multi, visible_agent_env_names
 
 
 @dataclass(frozen=True)
@@ -73,7 +73,10 @@ class DockerBottlePlan(BottlePlan):
         # interpolations from the manifest; egress holds
         # upstream tokens in its own environ, so no token forwarding
         # from the agent to the proxy is needed.
-        env_names = sorted(set(bottle.env.keys()) | set(self.forwarded_env.keys()))
+        env_names = visible_agent_env_names(
+            sorted(set(bottle.env.keys()) | set(self.forwarded_env.keys())),
+            agent_provider_template=self.agent_provider_template,
+        )
 
         print(file=sys.stderr)
         info(f"agent           : {spec.agent_name}")

bot_bottle/backend/print_util.py

@@ -9,6 +9,7 @@ from __future__ import annotations
 
 from typing import Sequence
 
+from ..agent_provider import runtime_for
 from ..log import info
 
 
@@ -26,3 +27,19 @@ def print_multi(label: str, values: Sequence[str]) -> None:
     indent = " " * (len(label) + 2)
     for v in values[1:]:
         info(f"{indent}{v}")
+
+
+def visible_agent_env_names(
+    env_names: Sequence[str], *, agent_provider_template: str,
+) -> list[str]:
+    """Env names worth showing in launch summaries.
+
+    Provider auth placeholders (`OPENAI_API_KEY`,
+    `CLAUDE_CODE_OAUTH_TOKEN`) are implementation details: they are
+    non-secret dummy values that satisfy the provider CLI while egress
+    injects the real upstream Authorization header. Showing them in
+    preflight makes the operator think a real key is entering the
+    agent, so hide only that provider-owned placeholder.
+    """
+    hidden = {runtime_for(agent_provider_template).placeholder_env}
+    return sorted({name for name in env_names if name not in hidden})

bot_bottle/backend/smolmachines/bottle_plan.py

@@ -19,7 +19,7 @@ from ...log import info
 from ...pipelock import PipelockProxyPlan
 from ...supervise import SupervisePlan
 from .. import BottlePlan
-from ..print_util import print_multi
+from ..print_util import print_multi, visible_agent_env_names
 
 
 @dataclass(frozen=True)
@@ -107,7 +107,10 @@ class SmolmachinesBottlePlan(BottlePlan):
         agent = manifest.agents[spec.agent_name]
         bottle = manifest.bottle_for(spec.agent_name)
 
-        env_names = sorted(bottle.env.keys())
+        env_names = visible_agent_env_names(
+            sorted(bottle.env.keys()),
+            agent_provider_template=self.agent_provider_template,
+        )
         upstreams = [
             f"{g.Name} → {g.Upstream}" for g in bottle.git
         ]

tests/unit/test_print_util.py

@@ -0,0 +1,31 @@
+"""Unit: shared preflight print helpers."""
+
+from __future__ import annotations
+
+import unittest
+
+from bot_bottle.backend.print_util import visible_agent_env_names
+
+
+class TestVisibleAgentEnvNames(unittest.TestCase):
+    def test_hides_codex_auth_placeholder(self):
+        self.assertEqual(
+            ["CUSTOM"],
+            visible_agent_env_names(
+                ["OPENAI_API_KEY", "CUSTOM"],
+                agent_provider_template="codex",
+            ),
+        )
+
+    def test_hides_only_active_provider_placeholder(self):
+        self.assertEqual(
+            ["CUSTOM", "OPENAI_API_KEY"],
+            visible_agent_env_names(
+                ["CLAUDE_CODE_OAUTH_TOKEN", "OPENAI_API_KEY", "CUSTOM"],
+                agent_provider_template="claude",
+            ),
+        )
+
+
+if __name__ == "__main__":
+    unittest.main()