Apply Hermes file safety rules to Copilot ACP fs handlers #2195

Closed
ifrederico wants to merge 7 commits into NousResearch:main from ifrederico:pr/copilot-acp-file-safety

@ifrederico

Contributor

Summary

  • add a lightweight shared file-safety helper for ACP and file tool callers
  • deny ACP permission requests by default instead of auto-allowing them
  • apply Hermes internal read blocking and secret redaction to ACP fs reads
  • apply Hermes write denylist and HERMES_WRITE_SAFE_ROOT enforcement to ACP fs writes
  • add focused regression tests for the Copilot ACP shim

Testing

  • python -m unittest tests.agent.test_copilot_acp_client -v
  • python -m py_compile agent/file_safety.py agent/copilot_acp_client.py tools/file_operations.py tools/file_tools.py tests/agent/test_copilot_acp_client.py
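
The write-side rules in the summary above (a write denylist plus HERMES_WRITE_SAFE_ROOT enforcement), shown as an added example that is not code from this PR or from the Hermes code base. The function name `check_write`, the denylist entries, and treating an unset HERMES_WRITE_SAFE_ROOT as "no root restriction" are assumptions made for illustration.

```python
import os
from pathlib import Path

# Hypothetical denylist entries; the project's real list is not shown on this page.
DENIED_NAMES = {".env", "id_rsa", "authorized_keys"}
DENIED_DIRS = {".ssh", ".git"}


def _resolve(path):
    # Expand "~" and resolve symlinks and ".." so every check runs on the
    # real target, not on the string the client supplied.
    return Path(os.path.realpath(os.path.expanduser(str(path))))


def check_write(path, env=None):
    """Return (allowed, reason) for a requested write path."""
    env = os.environ if env is None else env
    target = _resolve(path)

    # Denylist first: it applies even inside the safe root.
    if target.name in DENIED_NAMES:
        return False, f"denied file name: {target.name}"
    blocked = DENIED_DIRS.intersection(target.parts[:-1])
    if blocked:
        return False, f"denied directory: {sorted(blocked)[0]}"

    # Containment: compare path components, never string prefixes, so
    # "/srv/work-evil" is not treated as inside "/srv/work".
    safe_root = env.get("HERMES_WRITE_SAFE_ROOT")
    if safe_root:  # assumption: unset or empty means no root restriction
        root = _resolve(safe_root)
        if target != root and root not in target.parents:
            return False, "outside HERMES_WRITE_SAFE_ROOT"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample paths, not taken from the PR.
    sample_env = {"HERMES_WRITE_SAFE_ROOT": "/srv/work"}
    for p in ("/srv/work/a.txt", "/srv/work/../etc/passwd",
              "/srv/work-evil/a.txt", "/srv/work/.env"):
        print(p, "->", check_write(p, sample_env))
```
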

@teknium1

Contributor

Merged via #13391 (commit 9b36636). Your commit was cherry-picked onto current main with your authorship preserved via rebase-merge — check git log --author=ifrederico on main. Thanks for the hardening!

The branch here was 2800+ commits behind so we salvaged the substantive commit rather than rebase the whole branch. Only change to your code: the shared file_safety module is now profile-aware (uses get_hermes_home() for .env + hub cache) so it respects HERMES_HOME under profile overrides.
