No, never! Add a proper gitignore, put instructions in CLAUDE.md, AGENTS.md to NEVER read env files. Add pre- and post-hooks in Claude Code to prevent it from reading env files.

Best yet - never keep sensitive data locally on your machine in plaintext