#321 CRITICAL: Secrets system accepts name-based lookups instead of requiring UUID

Issue #317 was supposed to implement UUID-based secret identifiers, but the E2E test revealed that get_secret() still accepts string names like 'SAMPLE_API_KEY' instead of requiring UUIDs. The engine should enforce UUID-based lookups. This undermines the entire secrets architecture redesign.