Kia ora, Octopus Deploy 
With reference to the Configuration Transforms (https://octopus.com/docs/deployment-process/configuration-features/configuration-transforms), this is a great piece of functionality. I have a question, though.
We are ending up with a whole bunch of *.config files being deployed, for example:
my.Awesome.Command.Line.Tool.config
my.Awesome.Command.Line.Tool.Debug.config
my.Awesome.Command.Line.Tool.Migrations (CA).config
my.Awesome.Command.Line.Tool.Migrations.config
my.Awesome.Command.Line.Tool.Production (CA).config
my.Awesome.Command.Line.Tool.Production (US).config
my.Awesome.Command.Line.Tool.Release.config
my.Awesome.Command.Line.Tool.Test.config
my.Awesome.Command.Line.Tool.UAT (CA).config
There is a chance that sensitive information could “leak” from one of the environment-specific .config files. For example, someone may have access to the “Test” environment, and have permission to read the content of the files that have been deployed there. They would then be able to read some DB connection strings for the “Production (US)” environment.
How can we prevent the environment/confiuration-specific Configuration Transforms from being deployed, and only have the “computed” my.Awesome.Command.Line.Tool.config file deployed?
Many thanks. Nga mihi,
Jon