Description of task
The current training script stores the Roboflow API key directly in the source code. Hardcoding credentials is insecure because keys end up in version control history, making revocation necessary.
Proposed fix:
Store the API key in an environment variable (e.g., ROBOFLOW_API_KEY) or a .env file excluded via .gitignore. Update the script to read from the environment at runtime.
Description of task
The current training script stores the Roboflow API key directly in the source code. Hardcoding credentials is insecure because keys end up in version control history, making revocation necessary.
Proposed fix:
Store the API key in an environment variable (e.g., ROBOFLOW_API_KEY) or a .env file excluded via .gitignore. Update the script to read from the environment at runtime.