Hi @jameslevine
Please don’t use keys such as these in a front-end app as they become exposed in the code. Variables such as this that need to remain secret are safer with a serverless function.
Have you checked out [Support Guide] Using environment variables on Netlify correctly?
I have not encountered such issues before.
I created a test deploy first using environment variables set in a netlify.toml, then .env, and then via the Netlify UI. In all cases the variables set were included in the build.