fix: Replace dummy plausible secrets with clear placeholders
Summary
- Replace RocketChat config fallback values that looked like real credentials with obviously-invalid placeholders
- Prevents false positives from security scanners
- Matches the placeholder style already used in
.env.testing
Context
The previous fallback values (DaMHvraiQbNBxi7W5, VZhTOE20q3Xe9xTgA9QqjbQAYxYEhAfkUZpAm7xrQgd) matched RocketChat's credential format, triggering security scanner alerts despite never being valid credentials.
Verified these were never functional against https://openhive.chat (returns 401).
Test plan
-
Verify fallback values are obviously placeholders -
Confirm placeholder style matches .env.testing -
CI passes