chore(scout-bot): normalize API key defaults for scout and web

docker-compose.yml

@@ -33,7 +33,7 @@ services:
       # Use the docker internal network to connect to postgres
       - DATABASE_URL=postgresql://agent:agent_password_secure@db:5432/agent_bounty?schema=public
       - NODE_ENV=production
-      - API_KEY=${API_KEY:-"super-secret-mcp-key"}
+      - API_KEY=${API_KEY:-super-secret-mcp-key}
       - E2B_API_KEY=${E2B_API_KEY:-""}
     depends_on:
       db:
@@ -63,19 +63,19 @@ services:
     environment:
       - NODE_ENV=production
       - VIBEWORK_API_URL=http://agent_bounty_web:3000/api
-      - SCOUT_API_KEY=${SCOUT_API_KEY:-super-secret-mcp-key}
+      - SCOUT_API_KEY=${SCOUT_API_KEY:-${API_KEY:-super-secret-mcp-key}}
       - SCOUT_AGENT_ID=scout_official_1
       # Optional: add more discovery repos via env (comma separated "owner/repo"), e.g. openai/swarm,significant-gravitas/autogpt
       - SCOUT_TARGET_REPOS=${SCOUT_TARGET_REPOS:-vibe-work/test-bounty-repo,open-webui/open-webui,microsoft/vscode,vercel/next.js,langchain-ai/langgraph,facebook/react,microsoft/TypeScript,openai/openai-cookbook,astral-sh/ruff,sequelize/sequelize,pnpm/pnpm,prisma/prisma}
       # Optional: comma-separated labels; leave unset for broad scan of all open issues
-      - SCOUT_ISSUE_LABELS=${SCOUT_ISSUE_LABELS}
+      - SCOUT_ISSUE_LABELS=${SCOUT_ISSUE_LABELS:-}
       # Keep compatibility with existing naming
-      - SCOUT_ISSUE_LABEL=${SCOUT_ISSUE_LABEL}
+      - SCOUT_ISSUE_LABEL=${SCOUT_ISSUE_LABEL:-}
       - SCOUT_CRON_EXPRESSION=${SCOUT_CRON_EXPRESSION:-*/3 * * * *}
       - SCOUT_PER_PAGE=${SCOUT_PER_PAGE:-50}
       - SCOUT_MAX_ISSUES_PER_SCAN=${SCOUT_MAX_ISSUES_PER_SCAN:-60}
       # GitHub token should be provided in deployment env for real posting.
-      - GITHUB_TOKEN=${GITHUB_TOKEN}
+      - GITHUB_TOKEN=${GITHUB_TOKEN:-}
     networks:
       - agent-bounty-network