feat(core): add skill command policies

[shiny-code-bot]

Refs #236
Blocked by nothing. Follow-up migration issue: #235.

Summary

• Add policy.command_policies to skill frontmatter so skills can own raw command patterns without hardcoding tools like gh in Every Code.
• Compile loaded skill policies into session state and evaluate them in the existing pre-exec command guard path before shell execution.
• Render concise preferred-action guidance in the skills context so the model can choose helper scripts before the runtime guard fires.
• Add loader, matcher, render, and exec-loop regression coverage, including a synthetic GitHub policy that blocks gh pr merge before ExecCommandBegin.

Schema Shape

policy:
  command_policies:
    - id: prefer-pr-merge-helper
      match:
        argv_prefix: ["gh", "pr", "merge"]
      action: require_preferred
      message: Raw gh pr merge bypasses the helper flow.
      preferred:
        - kind: script
          path: scripts/gh-pr.py
          example_argv: ["scripts/gh-pr.py", "merge", "<pr>"]
          purpose: Merge through the helper.

Supported v1 matchers are argv_exact, argv_prefix, and shell_regex; each policy must declare exactly one. Supported v1 actions are require_preferred, require_confirm, and reject. Passive warn-and-run behavior is intentionally left out until there is a real continue-and-run execution path.

Validation

• cargo test -p code-core command_policy --lib
• cargo test -p code-core --test skill_command_policy
• cargo test -p code-core selected_skill_messages_include_explicit_dollar_skill_once --lib
• git diff --check
• ./build-fast.sh