Security Never commit .env, exchange API keys, or AI_API_KEY. Run with AGENT_DRY_RUN=true until execution is validated. Review LLM decisions manually before disabling dry-run.