feat(acp): Add OS-level sandboxing for ACP agent subprocesses

[CSRessel]

Summary

🤖 Generated with Nori

• Adds platform-specific OS-level sandboxing for ACP agent subprocesses (macOS Seatbelt, Linux Landlock+seccomp)
• New sandbox.rs module with transform_command_for_sandbox() to wrap agent commands
• AcpConnection::spawn() now accepts sandbox_policy parameter to control sandbox behavior
• Graceful degradation: runs unsandboxed when Linux sandbox binary not available, with warning logged
• Defense-in-depth: application-level path restrictions in write_text_file() retained

Test Plan

• All 118 codex-acp tests pass
• Sandbox transformation tests verify correct command wrapping for each platform
• Graceful degradation test verifies unsandboxed fallback when binary not provided
• CI passes

Share Nori with your team: https://www.npmjs.com/package/nori-ai