
codex: add redteam guard proxy enforcement #771

Open
GaoZzr wants to merge 1 commit into NanmiCoder:main from GaoZzr:codex/redteam-guard-coverage-oracle-20260608


@GaoZzr commented Jun 8, 2026

Summary

  • add source-level redteam workflow guard and confirmation gate
  • enforce the gate in the proxy before upstream/model execution
  • add coverage-oracle contract guidance, including late-stage xray passive/OAST usage after logged-in model-driven workflow exploration
  • preserve in-process teammate permission inheritance

Tests

  • python C:\Users\83964\.codex\skills\codex-ai-redteam-coverage\scripts\selftest_coverage.py
  • bun test --timeout 15000 src/server/tests/redteamWorkflowGuard.test.ts src/server/tests/providers.test.ts src/utils/swarm/spawnInProcess.test.ts

@dosubot (bot) added the labels size:XL (This PR changes 500-999 lines, ignoring generated files.) and enhancement (New feature or request) on Jun 8, 2026

@github-actions (bot) commented Jun 8, 2026

PR quality triage

Changed areas: area:cli-core, area:server

CLI core policy: Blocked by policy until a maintainer applies allow-cli-core-change and approves the PR.

Missing-test policy: No missing-test policy block detected.

Coverage baseline policy: No coverage-baseline policy block detected.

CLI core files:

  • src/utils/swarm/inProcessRunner.ts
  • src/utils/swarm/spawnInProcess.test.ts
  • src/utils/swarm/spawnInProcess.ts

Coverage policy files:

  • none

Expected checks:

  • change-policy
  • desktop-checks
  • server-checks
  • desktop-native-checks
  • coverage-checks

Test coverage signals:

  • Agent/model runtime path changed: use mock/request-shape tests in PR and maintainer live-model smoke before release.

Risk notes:

  • Provider/search behavior changed: PR gate uses mock tests; live-provider tests stay maintainer-only.

Hard merge gates still come from GitHub Actions, not AI review.

Dosu handoff: Dosu can be used as the AI reviewer for risk explanation, missing-test prompts, and maintainer Q&A. If it does not comment automatically from the PR template, ask:

@dosubot review this PR for changed-area risk, missing tests, docs impact, desktop startup risk, and CLI core impact.


Labels: area:cli-core, area:server, enhancement, needs-maintainer-approval, size:XL
