feat(config): add required_envs field to CRS config for mandatory environment variable validation

[acorn421]

Summary

CRS implementations that depend on host environment variables (e.g., API tokens) have no way to declare them at the framework level. Each CRS must implement its own ad-hoc validation logic, leading to late runtime failures.

Description

Currently, CRSConfig in crs.yaml supports required_llms and required_inputs to declare dependencies that oss-crs validates before execution. However, there is no equivalent mechanism for required environment variables.

Multiple CRS implementations rely on host environment variables passed through via additional_env in compose YAML (e.g., COPILOT_GITHUB_TOKEN: ${COPILOT_GITHUB_TOKEN} in crs-copilot-cli, or LLM provider API keys like OPENAI_API_KEY, ANTHROPIC_API_KEY for LiteLLM-based CRS). Without a framework-level declaration, there is no preflight validation that the referenced variables actually exist on the host — failures only surface at runtime.

Current Status

• required_llms: validates LLM model availability via validate_required_llms() — exists
• required_inputs: validates input artifact dependencies — exists
• required_envs: validates host environment variables — missing

Proposed Solution

• Add a required_envs field to CRSConfig (similar to required_llms) that lists environment variable names the CRS requires
• Add a validate_required_envs() step in the compose preflight phase (crs_compose.py) that checks whether all declared env vars are present in the host environment or resolved via additional_env

[acorn421]

@azchin What we discussed in this morning!