Context

PR #13 (implementing CodexCliRuntime, closing #12) introduced ANTHROPIC_API_KEY stripping in CodexCliRuntime.buildEnv(). This was specified in the issue but on reflection is scope creep for a single runtime:

• Only Codex strips ANTHROPIC_API_KEY — Claude and Gemini don't strip anything
• If cross-provider isolation is worth doing, it should be symmetric across all runtimes
• If it's not worth doing (low risk — APIs reject wrong keys), it shouldn't be in any runtime

Options

1. Remove it entirely from CodexCliRuntime.buildEnv() — simplest, matches Claude/Gemini behavior (return {})
2. Implement symmetrically — each runtime strips all other provider keys (Codex strips ANTHROPIC_API_KEY + GEMINI_API_KEY, Claude strips OPENAI_API_KEY + GEMINI_API_KEY, etc.)
3. Move to CLIRuntimeBase — base class handles stripping based on a provider-key mapping, subclasses declare which keys are theirs

Recommendation

Option 1 (remove). The risk is negligible and the complexity isn't justified.

References

• src/middleware/runtimes/codex.ts — buildEnv() at issue
• src/middleware/runtimes/claude.ts — returns {}
• src/middleware/runtimes/gemini.ts — returns {}
• PR feat(middleware): implement CodexCliRuntime concrete class (#12) #13