Vouch request: vshalpnjabi

[vshalpnjabi]

What do you want to work on?

I want to add a third enforcement mode to the sandbox proxy called interactive. Right now the proxy has audit (log and allow) and enforce (log and block). I want to add one that holds the connection open when a request would be denied and POSTs to a local HTTP endpoint so a human can approve or reject it. If the endpoint doesn't respond in time or errors, it falls back to allow or deny based on config. Already tested on my local and works beautifully.

Why this change?

The problem with enforce is that the agent gets a 403 immediately, before I've had a chance to click anything, so it retries or gives up before i can allow it. With interactive, the connection just waits until I approve or deny it, so the first attempt either succeeds or fails cleanly with no retry needed. I am working on a opensource tool that uses openshell for agents and want to interactively allow or deny agent calls to external environment.

Checklist

• I wrote this request myself (not AI-generated)
• I have read CONTRIBUTING.md