API key theft via base URL redirect to attacker-controlled endpoint

Found via code audit. src/launcher/claude-launcher.ts:83-105. ANTHROPIC_BASE_URL overridable. User API key in Authorization header sent to attacker server.