It refuses to use an API token? In my experience, it's more than happy to read out my secrets from .envrc files "just to check".
At least it feels a lot of remorse over its mistake until I reset the session.
It’s really hit or miss. Most of the times it works but every once in a while it will dig in its heels