Right now, Coder passes all of its environment variables into the provisioner. A malicious template could use this behavior to exfiltrate CODER_PG_CONNECTION_URL and "root" Coder. To be safe in perpetuity, we should just strip all CODER_ environment variables.