fix: add security.display_redaction_only to keep secrets usable in tools

[HiddenPuppy]

Summary

security.redact_secrets was redacting credential values in **both** tool results (file reads, terminal output) and display/logging paths. When the LLM received partially-masked values (sk-a***c12) from tool results, it could not use them in subsequent commands — breaking:

• htpasswd and similar tools that pass passwords via command-line arguments (Secret redaction breaks functional credential use in terminal commands #16843)
• Bitwarden CLI workflows where Hermes retrieves a secret and passes it to a script (security.redact_secrets redacts values before passing to tools, breaking Bitwarden CLI workflows #16700)

Changes

New config: security.display_redaction_only

Setting	Effect
false (default)	Current behavior — redact everywhere (backward compatible)
true	Redact only in chat display + logs; real values pass through to tools

security:
  redact_secrets: true
  display_redaction_only: true

How it works

• redact_sensitive_text() — used by tool results (file reads, terminal output, code execution). Respects the new flag: skips patterns when display_redaction_only=true so the LLM gets real values.
• redact_for_display() — new function that **always** redacts, used by chat output (send_message), logs (RedactingFormatter), and context summaries. Never skips even when the flag is active.
• All entry points — CLI, gateway, and hermes_cli all bridge the new config to the env var.

Testing

• tests/agent/test_redact.py: 75 tests, all passing ✅

Closes #16843
Closes #16700

[alt-glitch]

Related to #16700 and #16843 — same root cause (redact_secrets breaks tool execution). Note: #16794 (flip default to off) already merged as interim fix.