feat(tools): enhance code execution sandbox

[lml2468]

Summary

• Add LimitedWriter that wraps bytes.Buffer with streaming output truncation (stdout: 50KB, stderr: 10KB), appending a truncation notice when exceeded
• Add SandboxConfig with configurable resource limits (MaxStdoutBytes, MaxStderrBytes, MaxToolCalls, Timeout), tool allowlist (default: read_file, write_file, search_files, patch, terminal, web_search, web_extract), and RestrictNetwork flag
• Add file-based RPC mechanism for tool call forwarding via ~/.hermes/cache/sandbox_rpc/<id>/ with request.json/response.json exchange and allowlist enforcement
• Add ExecMetrics struct capturing wall time, exit code, stdout/stderr sizes, and tool call count
• Refactor executePython/executeBash into a shared runSandboxed function using the new sandbox primitives

Test plan

• LimitedWriter truncation at exact limit, under limit, over limit, and multi-write scenarios
• SandboxConfig defaults validation and independent copy safety
• Tool allowlist accept/reject with default, custom, and empty lists
• RPC processing: no request file, allowlist rejection, max tool calls exceeded, malformed JSON
• SetupRPCDir/CleanupRPCDir lifecycle
• ExecMetrics JSON round-trip
• Full go test ./... -count=1 passes

Fixes #59