feat(cloud): add API key validation before spawning agent container (#147)

Add a CI step that validates the Anthropic API key before spawning
Railway containers. This prevents wasted resources if the API key
is invalid or the model routing is misconfigured.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: Trinity Agent

.github/workflows/agent-spawn.yml

@@ -14,6 +14,23 @@ jobs:
       contents: read
       issues: write
     steps:
+      - name: Validate API key
+        env:
+          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
+          ANTHROPIC_BASE_URL: ${{ secrets.ANTHROPIC_BASE_URL }}
+        run: |
+          RESPONSE=$(curl -s "${ANTHROPIC_BASE_URL}/v1/messages" \
+            -H "x-api-key: ${ANTHROPIC_API_KEY}" \
+            -H "anthropic-version: 2023-06-01" \
+            -H "Content-Type: application/json" \
+            -d '{"model":"glm-5","max_tokens":10,"messages":[{"role":"user","content":"hi"}]}')
+          MODEL=$(echo "$RESPONSE" | jq -r '.model // "error"')
+          echo "API returned model: $MODEL"
+          if [ "$MODEL" = "error" ]; then
+            echo "::error::API key validation failed"
+            exit 1
+          fi
+
       - name: Spawn container via Railway API
         env:
           RAILWAY_API_TOKEN: ${{ secrets.RAILWAY_API_TOKEN }}