Move memories root setup out of core config

[jif-oai]

Why

Config loading should not create or write-authorize the memories root just because memory support exists. Memory startup is the code path that actually materializes that tree.

What

• Stop creating the memories root during Config load and remove it from legacy workspace-write projections.
• Grant the memories root read access only when the memories feature and use_memories are enabled.
• Create the memories root inside memories startup before seeding extension instructions.
• Update config and startup tests around the ownership boundary.

Tests

• just fmt
• just fix -p codex-core
• just fix -p codex-memories-write
• just test -p codex-core memory_tool_makes_memories_root_readable_without_creating_or_widening_writes workspace_write_includes_configured_writable_root_once_without_memories_root permission_profile_override_keeps_memories_root_out_of_legacy_projection permissions_profiles_allow_direct_write_roots_outside_workspace_root default_permissions_profile_populates_runtime_sandbox_policy
• just test -p codex-memories-write memories_startup_creates_memory_root

Note: a broader just test -p codex-core run is not clean in this sandbox; it hit missing test_stdio_server plus seatbelt, realtime, and environment-sensitive failures. The changed config tests above pass.

[jif-oai]

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Nice work!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".