fix: harden fallback boundary validation

[rlippmann]

What changed

• Hardened source-aware fallback validation in experimental/preprocessor/output_validation.py so boundary-unsafe source_input values cannot be converted into state-mutating directives by fallback output.
• Added validator-level regression tests for unsafe-source rejection and safe-source acceptance behavior.
• Added integration regressions (LiteLLM and Open WebUI preprocessor paths) to ensure fallback canonical outputs do not mutate state for unsafe source categories.
• Added focused Hypothesis coverage for unsafe wrapper/source patterns plus no-mutation assertions.
• Added portable preprocessor kind: "parse" conformance fixtures for parse_preprocessor_output(raw_output, source_input=...) behavior, and extended fixture conformance runner support.
• Documented parse fixture kind and source-aware fallback boundary contract in fixture docs.
• Locked quote-payload behavior (use "docker") via fixture/tests/docs without broadening semantics.

Why

• The prior heuristic-boundary hardening still allowed fallback-generated canonical directives to mutate state for boundary-unsafe source inputs.
• This patch closes that fallback loophole while preserving conservative preprocessor architecture: no heuristic expansion, no engine grammar/schema changes, and deterministic validator enforcement.
• Source-aware fallback behavior is now fixture-defined for future TS parity work.

Closes #77

Checklist

• pre-commit run (uv run pre-commit run --all-files)
• tests pass (uv run pytest)