feat: add conversation visibility model

[spytensor]

Linked Issue

Closes #244

Scope

Implemented:

• Added a deterministic conversation_visibility model for public transcript, internal delegation, side-rail summary, and debug/log routing.
• Made user and @host messages public by default.
• Preserved specialist role public visibility only for explicit user-addressed roles or host-surfaced critical output.
• Added internal delegation activity rows to ConversationSnapshot for side-rail/Xray visibility without public transcript pollution.
• Added tests and fixtures proving internal host delegation stays out of public turns while logs/Xray remain available.

Not implemented:

• No full logs UI.
• No deletion/hiding of durable CREP logs.
• No full-screen TUI.

Acceptance Criteria

• AC-1: Define visibility categories: public transcript, internal delegation, side-rail summary, debug/log.
• AC-2: User messages and @host responses default to public transcript.
• AC-3: A role enters public transcript when the user explicitly addresses it.
• AC-4: @host may surface role output publicly only for critical risk, veto, confirmation, or final evidence summary.
• AC-5: Host-to-role and role-to-host delegation remains internal by default but produces side-rail activity state.
• AC-6: Tests/fixtures prove host delegation does not pollute the public transcript.
• AC-7: Logs/Xray can still expose internal details on demand.

Changed Files

• src/conversation_visibility.rs
• src/console_snapshot.rs
• src/lib.rs
• tests/conversation_visibility_test.rs
• tests/fixtures/conversation_visibility.toml
• tests/fixtures/console_snapshot_v08.toml

Validation

Local commands executed:

cargo fmt --all -- --check
cargo test --test conversation_visibility_test --quiet
cargo test --test console_snapshot_test --quiet
cargo clippy --all-targets --all-features -- -D warnings
cargo test --all-features --locked --quiet

Results:

• format: pass
• conversation visibility tests: pass, 4 tests
• console snapshot tests: pass, 3 tests
• clippy: pass
• full test suite: pass, ignored smoke tests unchanged

Evidence Packet

• WorkOrder: WO-0244
• GitHub issue: v0.8: Public transcript and internal delegation visibility model #244
• Gate thread: not applicable for this additive schema/rules PR
• Evidence: visibility model + transcript fixture + snapshot internal activity fixture + tests
• Not verified: GitHub CI until this PR runs checks

Tracker Update

• Tracker issue: v0.8.0 - CoreRoom Console Data Plane Tracker #238
• Updated checkbox: pending until merge
• Updated Milestone AC: M-AC-2 pending until merge
• Evidence Ledger row: will be updated after PR number/check status is available

Risk

Low. This is additive, but ConversationSnapshot now rejects internal/debug turns inside publicTurns, so future fixtures must classify visibility correctly.

Rollback

Revert this PR. No migration or runtime behavior change is included.