As others already pointed out, there are alternatives of .env files. Although, I'm not very concerned about having temporary access keys to development environments stored in .env files. The agents should not be dealing with secrets directly though.