[codex] Harden DiffScope review operations

[haasonsaas]

Summary

• Wire self-hosted server security secrets through Helm, fix the self-hosting chart example, and keep GitHub App/webhook credentials out of config maps.
• Sandbox custom context and local pattern-repository reads, harden verifier prompts against adversarial finding text, and make DAG retry/timeout hints executable.
• Move DiffScope dogfood CI to the branch-built binary, add always-on review contract checks, expose learning/evidence state in Doctor, and tighten install/web dependency hygiene.

Why

The prior surface had a few production-risk gaps: the chart set DIFFSCOPE_API_KEY but not DIFFSCOPE_SERVER_API_KEY, context patterns could escape the intended base path, verifier evidence was rendered as ordinary prompt text, and eval gates could disappear when model secrets were absent. This makes those contracts explicit and test-backed.

Validation

• cargo test (1565 passed)
• cargo clippy --all-targets -- -D warnings
• cargo fmt -- --check
• npm run build
• npm test (77 passed, 5 skipped)
• npm audit (0 vulnerabilities)
• helm lint charts/diffscope
• helm template diffscope charts/diffscope --set secrets.serverApiKey=server --set secrets.githubWebhookSecret=hook --set secrets.githubAppId=123 --set secrets.githubPrivateKey=private --set secrets.anthropicApiKey=anthropic
• actionlint .github/workflows/diffscope.yml .github/workflows/eval.yml
• sh -n install.sh
• git diff --check

Notes

• The Vite bundle warning remains: the main JS chunk is still over 500 kB. This PR preserves that as a visible warning rather than hiding it.
• The local pre-push hook needs Python 3.11+ for tomllib; I pushed with /opt/homebrew/bin first in PATH so the hook used Python 3.12.