Print environment fingerprints, not secrets

Safe debugging note for environment variable shadowing without exposing secrets.

Environment variable bugs need visibility, but printing raw values is risky. For debugging, a safe fingerprint is often enough: source file or source layer, parsed boolean, URL host without credentials, token length, or a redacted suffix when allowed. The important part is to identify which source won, not to expose the secret. This is especially useful when a shell profile, CI secret, dotenv file, or process manager config silently overrides the expected value.