chore(compose): flag default compose file as local-testing only

The default docker/docker-compose.yml ships with a hardcoded placeholder
BETTER_AUTH_SECRET, SEED_DATA=true (which populates a fake demo-agent
with sample token usage on every boot), and the well-known
admin@manifest.build / manifest credentials. All three are fine for a
localhost quick-start but become a security footgun the moment anyone
exposes the instance beyond localhost.

This adds a header comment listing the three defaults to change before
non-local use, plus an inline comment on the BETTER_AUTH_SECRET line so
it is visible right where it's defined.

No functional change — the compose file still boots unchanged for
first-time readers.

Closes #1531.

Author: brunobuddy

docker/docker-compose.yml

@@ -1,10 +1,18 @@
+# This compose file is intended for local testing only. Before exposing
+# this instance beyond localhost:
+#   - Replace BETTER_AUTH_SECRET below with a real secret. Generate one
+#     with: openssl rand -hex 32
+#   - Set SEED_DATA=false to stop seeding the demo agent on every boot.
+#   - Change the seeded admin password (admin@manifest.build / manifest).
+
 services:
   manifest:
     image: manifestdotbuild/manifest:latest
     ports:
       - "3001:3001"
     environment:
       - DATABASE_URL=postgresql://manifest:manifest@postgres:5432/manifest
+      # ⚠  Placeholder. Replace before any non-localhost use (see top of file).
       - BETTER_AUTH_SECRET=change-me-to-a-random-32-char-string!!
       - BETTER_AUTH_URL=http://localhost:3001
       - SEED_DATA=true