security: remove hardcoded API key from test files and docs

The CODE_INTERPRETER_KEY was hardcoded in 4 test files and 1 doc file.
This key matched the production .env and was pushed to a public fork
branch, violating R2 (secrets never in Git) and EXI-DLP.

Remediation:
- Test files now read from CODE_INTERPRETER_KEY env var
- Shell test uses ${VAR:?} to fail fast if unset
- Doc references replaced with "$CODE_INTERPRETER_KEY (voir .env)"
- Production key has been rotated (separate action)
- Remote branch containing the leak has been deleted

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

Author: 3 people