fix: eliminate GitHub token temp file exposure in agent-setup (fixes #2462) (#2470)

Pass GITHUB_TOKEN directly via inline `export` in the remote SSH command
instead of writing it to local/remote temp files. This removes the race
condition window where tokens could be read from disk.

Agent: code-health

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

Author: 3 people

packages/cli/src/shared/agent-setup.ts

@@ -240,40 +240,16 @@ export async function offerGithubAuth(runner: CloudRunner): Promise<void> {
   }
 
   let ghCmd = "curl --proto '=https' -fsSL https://openrouter.ai/labs/spawn/shared/github-auth.sh | bash";
-  let localTmpFile = "";
   if (githubToken) {
     const escaped = githubToken.replace(/'/g, "'\\''");
-    localTmpFile = join(getTmpDir(), `gh_token_${Date.now()}_${Math.random().toString(36).slice(2)}`);
-    writeFileSync(localTmpFile, `export GITHUB_TOKEN='${escaped}'`, {
-      mode: 0o600,
-    });
-    const remoteTmpFile = `/tmp/gh_token_${Date.now()}`;
-    try {
-      await runner.uploadFile(localTmpFile, remoteTmpFile);
-      ghCmd = `. ${remoteTmpFile} && rm -f ${remoteTmpFile} && ${ghCmd}`;
-    } catch {
-      try {
-        unlinkSync(localTmpFile);
-      } catch {
-        /* ignore */
-      }
-      localTmpFile = "";
-    }
+    ghCmd = `export GITHUB_TOKEN='${escaped}' && ${ghCmd}`;
   }
 
   logStep("Installing and authenticating GitHub CLI on the remote server...");
   try {
     await runner.runServer(ghCmd);
   } catch {
     logWarn("GitHub CLI setup failed (non-fatal, continuing)");
-  } finally {
-    if (localTmpFile) {
-      try {
-        unlinkSync(localTmpFile);
-      } catch {
-        /* ignore */
-      }
-    }
   }
 
   // Propagate host git identity to the remote VM