Tom nash/command rules #31

Merged: tom-nash merged 7 commits into main from tom-nash/command-rules on Apr 10, 2026
@tom-nash
Member

## Command rule hardening

- Added layered command matching using:
  - string matcher (exact/glob/prefix)
  - argv matcher (token-aware flag matching)
- Hardened default destructive push patterns to catch reordered flags:
  - `git push --force`
  - `git push -f`
- Normalized simple command-prefix semantics so `git commit` and `git commit *` are treated equivalently for matching intent.
- Preserved allow-overrides-deny semantics.

## Wrapper-aware enforcement

- Command rule checks now evaluate wrapped shell forms by unwrapping common wrappers: `sh -c`, `bash -c`, `bash -lc`, etc.
- Read/write shell-op extraction now also evaluates unwrapped inner commands, so wrapped commands are enforced consistently (not just direct invocations).

## File rule matching improvements

- Added recursive `**` glob support for file rules (in addition to existing `*`, `?`, `[]`, exact, and directory-prefix behavior).

## Documentation updates (high-level only)

Updated README.md and docs/project-overview-and-concepts.md to reflect:

- recursive `**` file-glob support
- wrapper-aware command enforcement
- high-level file vs command enforcement model

## Why

This closes practical bypasses and ambiguity points:

- Reordered command flags (e.g., trailing `--force`)
- Wrapped command execution (`sh -c ...`)
- Nested path matching needs (`**`)

It also improves policy authoring UX by making common command patterns behave as users expect.

## Test Coverage

Added/expanded tests across store, hook, and CLI integration, including:

- command matcher equivalence (`cmd` vs `cmd *`)
- allow-overrides-deny behavior
- wrapped command deny and allow behavior via hook
- wrapper depth and option parsing paths
- wrapped read/write enforcement (`cat`, redirection, `cd` inside wrapped commands)
- recursive `**` glob matching variants and edge cases
- matcher normalization and fallback branches
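To make the matching semantics described in this PR concrete, here is an added, self-contained Python sketch of the three ideas together: unwrapping `sh -c` / `bash -c` / `bash -lc` layers, token-aware argv matching so reordered flags such as a trailing `--force` still hit the deny pattern while `--force-with-lease` does not, and allow-overrides-deny evaluation. This is illustrative code written for this page, not the project's own matcher; the function and constant names (`unwrap_command`, `argv_rule_matches`, `evaluate`, `DEFAULT_DESTRUCTIVE_PUSH`) are hypothetical.

```python
import shlex

# Wrapper forms the PR lists. Constructed illustration, not the project's code.
SHELL_WRAPPERS = {"sh", "bash"}
SCRIPT_FLAGS = {"-c", "-lc"}

# The two hardened default deny patterns from the PR description.
DEFAULT_DESTRUCTIVE_PUSH = ["git push --force", "git push -f"]


def unwrap_command(argv, max_depth=4):
    """Peel `sh -c '...'` / `bash -lc '...'` layers down to the inner argv.

    Depth is bounded so a pathological nesting chain cannot loop forever."""
    for _ in range(max_depth):
        if len(argv) >= 3 and argv[0] in SHELL_WRAPPERS and argv[1] in SCRIPT_FLAGS:
            argv = shlex.split(argv[2])  # the quoted script is the real command
        else:
            break
    return argv


def argv_rule_matches(rule, argv):
    """Token-aware match.

    The rule's non-flag words must be a prefix of argv; a trailing `*` means
    'any further args', so `git commit` and `git commit *` behave the same.
    Every flag in the rule must appear as its own token somewhere after that
    prefix, so `git push origin main --force` matches `git push --force`
    while `git push --force-with-lease` does not (distinct token)."""
    tokens = shlex.split(rule)
    if tokens and tokens[-1] == "*":
        tokens = tokens[:-1]
    words = [t for t in tokens if not t.startswith("-")]
    flags = {t for t in tokens if t.startswith("-")}
    if argv[: len(words)] != words:
        return False
    return flags <= set(argv[len(words):])


def evaluate(command, allow_rules, deny_rules):
    """Allow overrides deny; a command matching no rule falls through as 'no-rule'."""
    argv = unwrap_command(shlex.split(command))
    if any(argv_rule_matches(r, argv) for r in allow_rules):
        return "allow"
    if any(argv_rule_matches(r, argv) for r in deny_rules):
        return "deny"
    return "no-rule"
```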

@tom-nash tom-nash self-assigned this Apr 10, 2026
@tom-nash tom-nash merged commit 5fb73ef into main Apr 10, 2026
4 checks passed
@tom-nash tom-nash deleted the tom-nash/command-rules branch April 10, 2026 04:24