Sounds like a good way to do it.

Makes me think of docker secret where the secrets are exposed as files and accessable only from inside the container.

If the development environment uses docker then thats a solution too I guess

If you let your agent use docker you've basically given it root on your machine.

	▲	hoppp 34 minutes ago \| parent [-]
		I use podman btw Its aliased to docker Building a project as a container and giving an agent access to running docker commands are different things.