just noticed that KubernetesJob passes the prefect api key as environment variable rather than a secret. Isn't this very bad for security? That way anybody who can read the pod's metadata can gain full access to anything possible by API calls, right?

Hmm yeah this is a good point, especially as the workspace url is there too