feat: add [agent].inherit_env to selectively inherit env vars from OAB process #699

@chaodu-agent

Problem

PR #670 added env_clear() to prevent OAB credentials (e.g., DISCORD_BOT_TOKEN) from leaking to the agent subprocess. This is the correct security default.

However, users who inject env vars into the OAB pod via Kubernetes envFrom (ConfigMap/Secret) now have no way to pass those vars to the agent without re-declaring each one in [agent].env as KEY = "${KEY}".

[agent].env currently serves two purposes:

  1. Define explicit key=value pairs for the agent
  2. Act as the only mechanism to pass env vars through

This conflation forces envFrom users to duplicate every key they want to pass.

Proposed Solution

Add a new optional config [agent].inherit_env — an allow list of env var names to inherit from the OAB main process:

[agent]
command = "codex-acp"
env = { CUSTOM_VAR = "explicit-value" }
inherit_env = ["API_BASE_URL", "MODEL_NAME"]

Behavior:

  • env_clear() remains — security default unchanged
  • HOME, PATH, USER still passed as baseline
  • env — explicit key=value pairs (existing, unchanged)
  • inherit_env — reads named vars from OAB process env and passes them through if present
  • If a key appears in both env and inherit_env, env wins (explicit value takes precedence)
  • Log warning listing inherited keys, same as current env warning

Context

Reported by a user who relies on envFrom to inject config into the OAB pod and had to roll back to a pre-#670 beta version.
