Comment by ivannovazzi

3 days ago

The root fix is avoiding .env files entirely. We built KeyEnv (keyenv.dev) with this in mind: a CLI-first secrets manager where you run `keyenv run -- npm start` and secrets are injected as env vars at runtime without ever touching disk. No .env file means nothing for an AI agent (or anyone with filesystem access) to read.

enveil is a good defense-in-depth layer for existing .env workflows. But if you can change the habit, removing the file at the source is cleaner.

Disclosure: I'm one of the builders of KeyEnv.