Yeah, I just got an invite code yesterday, but given this I may opt against using it - this seems like a real risk for leaking env vars, credentials...I don't so much mind stuff like Segment and Sentry, but I'd love to see some details from someone familiar with the project around the same questions you raised regarding the web-integrated functionality.