It's critical if you're working on client projects, with client API keys that you're encrypting them properly using N8N credentials.
Non-encrypted API keys = someone intercepting and abusing your API key
I've seen a few POCs (AI agents with HTTP requests and general HTTP requests) demo'd now (not Nate btw) where API keys are added directly into the request headers and sent unencrypted in the request so I created a video to show how to properly encrypt them in N8N (and with agents) & why it's important