What
Scan Docker container environment variable names (not values) for patterns that indicate a reference to a known AI provider (e.g., OPENAI_API_KEY, ANTHROPIC_API_KEY, OPENROUTER_API_KEY). When a match is found, draw an edge from that container node to the corresponding provider node in the visual map.
Edge thickness encodes reference count (one container referencing multiple providers → thicker edges).
Critical invariant: Only env var names are read, never values. This mirrors the git-secrets model and is an absolute product requirement.
Acceptance criteria
- Container env var names scanned at each Docker poll cycle
- Edges created/removed dynamically as containers start/stop
- Env var values never logged, stored, or transmitted
- Edge thickness scales with reference count
References
MVP.md §2.4 (Edges — auto-detected), §3.1 (env file discovery — invariant note)
What
Scan Docker container environment variable names (not values) for patterns that indicate a reference to a known AI provider (e.g.,
OPENAI_API_KEY,ANTHROPIC_API_KEY,OPENROUTER_API_KEY). When a match is found, draw an edge from that container node to the corresponding provider node in the visual map.Edge thickness encodes reference count (one container referencing multiple providers → thicker edges).
Critical invariant: Only env var names are read, never values. This mirrors the
git-secretsmodel and is an absolute product requirement.Acceptance criteria
References
MVP.md §2.4 (Edges — auto-detected), §3.1 (env file discovery — invariant note)