fix(security): remove hardcoded password from agent protocols

- Replace hardcoded password with environment variables - Add .env.example template for secure configuration - Update .gitignore to prevent committing secrets - Add os import for environment variable support Fixes critical security vulnerability in agent message protocol
2026-03-08 12:22:05 +01:00
parent 304da2a78b
commit 5697d1a332
3 changed files with 35 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -245,13 +245,20 @@ config.json
 secrets.json

 # Temporary files
->>>>>>> Stashed changes
 *.tmp
 *.temp
 *.bak
 *.backup

-<<<<<<< Updated upstream
+# ===================
+# Environment Files
+# ===================
+.env
+.env.local
+.env.production
+*.env
+.env.*.local
+
 # ===================
 # Windsurf IDE
 # ===================