fix: prevent API key leak to untrusted download URLs #506

Open: JannikSt wants to merge 3 commits into main from security/fix-api-key-leak-download

@JannikSt JannikSt commented Apr 10, 2026

Prevents sending the Authorization header when downloading env packages from URLs that don't match the trusted API host.

  • Added _is_trusted_url helper to verify download URL host matches API base URL
  • Applied check in both pull command and _download_and_build_private_env

Note

Medium Risk
Tightens authentication header handling in environment downloads, which can affect access to private env artifacts if download URLs are not HTTPS or don’t match the configured API host. Also changes tar extraction behavior to fail on additional validation errors.

Overview
Prevents leaking credentials during prime env pull and private env downloads by only attaching the Authorization header when the download_url is HTTPS and matches the configured API host (_is_trusted_url).

Switches archive extraction in pull to use _safe_tar_extract and treats validation failures (ValueError) as extraction errors, improving protection against malicious tar contents.

Reviewed by Cursor Bugbot for commit c8118f3. Bugbot is set up for automated code reviews on this repo. Configure here.
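
An added example (not the PR's code or the project's implementation) of the check described above: the Authorization header is attached only when the download URL is HTTPS and its host matches the API base URL. The function names, the `Bearer` scheme, the port comparison and the `example.test` URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample value, not the project's real API host.
SAMPLE_API_BASE = "https://api.example.test/api/v1"


def _effective_port(parts):
    """Explicit port if given, else the scheme default (None if unknown)."""
    # .port raises ValueError on a malformed port; the caller treats that as untrusted.
    port = parts.port
    return port if port is not None else DEFAULT_PORTS.get(parts.scheme)


def is_trusted_download_url(download_url: str, api_base_url: str) -> bool:
    """Return True only for an HTTPS URL on the same host and port as the API."""
    try:
        target = urlsplit(download_url)
        base = urlsplit(api_base_url)
        target_port = _effective_port(target)
        base_port = _effective_port(base)
    except ValueError:
        return False
    if target.scheme != "https":
        return False
    # Compare parsed hostnames, never string prefixes: a userinfo part
    # ("api.example.test@other.test") or a look-alike suffix
    # ("api.example.test.other.test") parses to a different hostname.
    if not target.hostname or not base.hostname:
        return False
    return target.hostname == base.hostname and target_port == base_port


def build_download_headers(download_url: str, api_base_url: str, api_key: str) -> dict:
    """Attach the credential only when the destination is the trusted API host."""
    headers = {}
    if is_trusted_download_url(download_url, api_base_url):
        headers["Authorization"] = f"Bearer {api_key}"  # header scheme is an assumption
    return headers
```

Any URL that fails to parse or does not match is downloaded without credentials rather than rejected, so public artifacts on other hosts still work while the key stays on the API host.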

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f5319d9c34

Comment thread packages/prime/src/prime_cli/commands/env.py Outdated