feat(ops): expose action execution status and logs

[05F3759DF]

Context

After Keystone creates action requests, operators need to understand whether a robot picked up the request, whether it is running, and why it succeeded or failed. Keystone should expose a bounded and sanitized execution history without leaking credentials.

Scope

• Store action execution status updates from Axon Agent.
• Represent states such as pending, queued, running, succeeded, failed, timed_out, expired, and cancelled.
• Store bounded stdout/stderr snippets, exit code, error summary, started time, and finished time.
• Sanitize or reject logs containing sensitive values such as tokens, passwords, keys, and certificates.
• Expose APIs for action request detail and recent execution history per robot.

Acceptance Criteria

• Operators can query current status and recent execution history for robot actions.
• Status transitions are persisted with timestamps and request IDs.
• Long output is truncated consistently.
• Sensitive values are not exposed in API responses or UI-facing payloads.
• Tests cover successful execution, failure, timeout, expired request, output truncation, and secret filtering.

Depends On

• feat(ops): create action request API with audit trail #66

Related

• feat(agent): persist action execution state and idempotency axon#92
• feat(agent): sync action capabilities and poll Keystone action queue axon#93