The Ollama detection matched any URL containing "ollama", which hides
the API Key field for Ollama Cloud (ollama.com) and drops the key from
the createOllama() client, so cloud requests go out unauthenticated.
Narrow the rule to localhost-only Ollama and forward the API key as a
Bearer header when provided.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>