diff --git a/.gitea/workflows/continuous-synth-e2e.yml b/.gitea/workflows/continuous-synth-e2e.yml
index 6071b9165..48a00ec23 100644
--- a/.gitea/workflows/continuous-synth-e2e.yml
+++ b/.gitea/workflows/continuous-synth-e2e.yml
@@ -131,9 +131,9 @@ jobs:
       # on the per-runtime default ("sonnet" → routes to direct
       # Anthropic, defeats the cost saving). Operators can override
       # via workflow_dispatch by setting a different E2E_MODEL_SLUG
-      # input if they need to exercise a specific model. MiniMax-M2 is the
-      # stable staging MiniMax path used by the full-SaaS smoke.
-      E2E_MODEL_SLUG: ${{ github.event.inputs.model_slug || 'MiniMax-M2' }}
+      # input if they need to exercise a specific model. MiniMax-M2.7 is the
+      # stable staging MiniMax path used by the full-SaaS smoke (#1997).
+      E2E_MODEL_SLUG: ${{ github.event.inputs.model_slug || 'MiniMax-M2.7' }}
       # Bound to 10 min so a stuck provision fails the run instead of
       # holding up the next cron firing. 15-min default in the script
       # is for the on-PR full lifecycle where we have more headroom.
diff --git a/.gitea/workflows/staging-smoke.yml b/.gitea/workflows/staging-smoke.yml
index 9e3fce6a8..1b97b68a4 100644
--- a/.gitea/workflows/staging-smoke.yml
+++ b/.gitea/workflows/staging-smoke.yml
@@ -112,9 +112,9 @@ jobs:
       E2E_RUNTIME: claude-code
       # Pin the smoke to a specific MiniMax model rather than relying
       # on the per-runtime default (which could resolve to "sonnet" →
-      # direct Anthropic and defeat the cost saving). MiniMax-M2 is the
-      # stable staging MiniMax path used by the full-SaaS smoke.
-      E2E_MODEL_SLUG: MiniMax-M2
+      # direct Anthropic and defeat the cost saving). MiniMax-M2.7 is the
+      # stable staging MiniMax path used by the full-SaaS smoke (#1997).
+      E2E_MODEL_SLUG: MiniMax-M2.7
       E2E_RUN_ID: "smoke-${{ github.run_id }}"
       # Debug-only: when an operator dispatches with keep_on_failure=true,
       # the smoke script's E2E_KEEP_ORG=1 path skips teardown so the
diff --git a/tests/e2e/test_peer_visibility_mcp_staging.sh b/tests/e2e/test_peer_visibility_mcp_staging.sh
index 090e56e25..33fc1368c 100755
--- a/tests/e2e/test_peer_visibility_mcp_staging.sh
+++ b/tests/e2e/test_peer_visibility_mcp_staging.sh
@@ -53,7 +53,9 @@
 #   PV_RUNTIMES            space list; default "hermes openclaw claude-code"
 #   E2E_PROVISION_TIMEOUT_SECS  default 1800 (hermes/openclaw cold EC2 budget)
 #   E2E_MINIMAX_API_KEY / E2E_ANTHROPIC_API_KEY / E2E_OPENAI_API_KEY
-#                          LLM provider key injected so the runtime can boot
+#                          DEPRECATED for this script — platform-managed models
+#                          use the CP LLM proxy; direct vendor keys are blocked
+#                          by PR #2291. Kept in workflow env for other E2Es.
 #   PV_TOKEN_DIAGNOSTIC_ONLY
 #                          1 -> stop after create/token acquisition. Useful
 #                          to classify Hermes-only vs shared auth-route issues.
@@ -222,17 +224,14 @@ else
 fi
 
 # ─── 4. Provision the parent + one sibling per runtime under test ──────
-# Inject the LLM provider key so each runtime can authenticate at boot.
-# Priority: MiniMax → direct-Anthropic → OpenAI (mirrors
-# test_staging_full_saas.sh's secrets-injection chain).
+# Platform-managed models: Molecule owns billing via the CP LLM proxy, so
+# the workspace needs NO tenant key. PR #2291 blocks direct vendor key writes
+# (ANTHROPIC_API_KEY, ANTHROPIC_AUTH_TOKEN, MINIMAX_API_KEY, etc.) for
+# platform-managed workspaces. We intentionally keep SECRETS_JSON empty so a
+# stray E2E_*_API_KEY in the runner env cannot silently convert this into a
+# BYOK run and mask the platform-managed path (mirrors
+# test_staging_full_saas.sh's E2E_LLM_PATH=platform branch).
 SECRETS_JSON='{}'
-if [ -n "${E2E_MINIMAX_API_KEY:-}" ]; then
-  SECRETS_JSON=$(python3 -c "import json,os;k=os.environ['E2E_MINIMAX_API_KEY'];print(json.dumps({'ANTHROPIC_BASE_URL':'https://api.minimax.io/anthropic','ANTHROPIC_AUTH_TOKEN':k,'MINIMAX_API_KEY':k}))")
-elif [ -n "${E2E_ANTHROPIC_API_KEY:-}" ]; then
-  SECRETS_JSON=$(python3 -c "import json,os;k=os.environ['E2E_ANTHROPIC_API_KEY'];print(json.dumps({'ANTHROPIC_API_KEY':k}))")
-elif [ -n "${E2E_OPENAI_API_KEY:-}" ]; then
-  SECRETS_JSON=$(python3 -c "import json,os;k=os.environ['E2E_OPENAI_API_KEY'];print(json.dumps({'OPENAI_API_KEY':k,'OPENAI_BASE_URL':'https://api.openai.com/v1','MODEL_PROVIDER':'openai:gpt-4o','HERMES_INFERENCE_PROVIDER':'custom','HERMES_CUSTOM_BASE_URL':'https://api.openai.com/v1','HERMES_CUSTOM_API_KEY':k,'HERMES_CUSTOM_API_MODE':'chat_completions'}))")
-fi
 
 # Workspace-create now enforces the MODEL_REQUIRED contract: there is NO
 # platform-side default model for a runtime (feedback_workspace_model_required_