pub fn sanitize_env(env: &Map<String, Value>) -> Map<String, Value>Expand description
Remove dangerous environment variables from a recipe-provided env map.
Returns the sanitized map (dangerous vars silently stripped). This is intentionally silent — we don’t want to leak information about which vars are blocked, and benign recipes won’t set these.