fix: re-check secrets manifest before every dispatch, not just at startAuto

When plan-milestone writes SECRETS-MANIFEST.md, the secrets gate at
startAuto has already fired (manifest didn't exist yet). Without a
re-check, the model proceeds into plan-slice / execute-task with no
real credentials and mocks external services — cascading risk into
every downstream slice.

Added a secrets re-check gate inside dispatchNextUnit that runs before
every unit dispatch. getManifestStatus is cheap (file read + .env
scan) so the check is a no-op when no manifest exists or all secrets
are already collected. Idempotent: skips keys already present in .env.

Closes #303

src/resources/extensions/gsd/auto.ts

@@ -1176,6 +1176,27 @@ async function dispatchNextUnit(
     }
   }
 
+  // ── Secrets re-check gate — runs before every dispatch, not just at startAuto ──
+  // plan-milestone writes SECRETS-MANIFEST.md during its unit. By the time we
+  // reach the next dispatchNextUnit call the manifest exists but hasn't been
+  // presented to the user yet. Without this re-check the model would proceed
+  // into plan-slice / execute-task with no real credentials and mock everything.
+  try {
+    const manifestStatus = await getManifestStatus(basePath, mid);
+    if (manifestStatus && manifestStatus.pending.length > 0) {
+      const result = await collectSecretsFromManifest(basePath, mid, ctx);
+      ctx.ui.notify(
+        `Secrets collected: ${result.applied.length} applied, ${result.skipped.length} skipped, ${result.existingSkipped.length} already set.`,
+        "info",
+      );
+    }
+  } catch (err) {
+    ctx.ui.notify(
+      `Secrets collection error: ${err instanceof Error ? err.message : String(err)}`,
+      "warning",
+    );
+  }
+
   const needsRunUat = await checkNeedsRunUat(basePath, mid, state, prefs);
   // Flag: for human/mixed UAT, pause auto-mode after the prompt is sent so the user
   // can perform the UAT manually. On next resume, result file will exist → skip.