fix(codex-runtime): de-dup [plugins.X] tables and stop leaking HERMES_HOME into config.toml (#26250)

[kshitijk4poor]

Summary

Fixes the three independent bugs in hermes codex-runtime migrate reported in #26250. Each one corrupts ~/.codex/config.toml in a way that crashes codex on next startup with a TOML parse error.

This PR builds on @steezkelly's #25857 (Bug A — top-level default_permissions via _insert_managed_block_at_top_level) by cherry-picking it onto current main and then adding fixes for Bugs B and C with regression tests.

Bugs fixed

Bug	Where	Fix
A — default_permissions lands inside a previous [mcp_servers.X] table on re-render	migrate() appended the managed block after pre-existing user tables, so the root key got scoped to the wrong table.	Insert the managed block before the first table header (commit by @steezkelly, cherry-picked from #25857).
B — [plugins."<name>@<marketplace>"] tables duplicated when codex itself installed plugins before hermes' migrate ran	Codex's own [plugins.*] tables outside the managed block survive _strip_existing_managed_block(), then _query_codex_plugins() reports the same plugins and we re-emit them inside the managed block. Result: duplicate table headers → codex's strict TOML parser rejects the file.	New _strip_unmanaged_plugin_tables() drops [plugins.*] tables from the user-content portion of the file, but only when plugin/list succeeded — otherwise we'd silently lose plugins we can't re-emit. plugin/list is the source of truth when it answers.
C — HERMES_HOME from os.environ leaks pytest-tempdir paths into the user's real ~/.codex/config.toml	_build_hermes_tools_mcp_entry() read os.environ["HERMES_HOME"] at migrate time. A sibling pytest's monkeypatch.setenv("HERMES_HOME", tmp_path) therefore burned a transient pytest tempdir path into the user's actual codex config; once pytest reaped the tempdir, every codex-routed hermes-tools call failed silently.	Derive HERMES_HOME from get_hermes_home() (canonical profile-aware resolver) and refuse to emit obvious test-tempdir paths via _looks_like_test_tempdir() as belt-and-suspenders. Also patch test_enable_succeeds_when_codex_present to mock migrate() so the suite stops touching the user's real ~/.codex/.

E2E verification (reproduces the issue's exact pre-state)

# Pre-state: user [mcp_servers.omx_team_run] + codex-installed [plugins."tasks@openai-curated"]
# HERMES_HOME=/private/var/folders/.../pytest-of-.../...

On origin/main:

tomllib.TOMLDecodeError: Cannot declare ('plugins', 'tasks@openai-curated') twice (at line 13, column 32)
HERMES_HOME leak: /private/var/folders/xx/pytest-of-user/pytest-137/popen-gw2/test_X/hermes_test

On this branch:

✓ default_permissions is top-level
✓ No duplicate [plugins.X] table headers
✓ No pytest tempdir leaked into MCP env
✓ tomllib.loads(new_text) parses cleanly

Test plan

bash scripts/run_tests.sh tests/hermes_cli/test_codex_runtime_plugin_migration.py tests/hermes_cli/test_codex_runtime_switch.py
# 95 passed in 1.76s

7 new regression tests:

• TestStripUnmanagedPluginTables (4 tests): unit + end-to-end migrate dedup + preservation when plugin/list fails.
• TestHermesHomeLeakGuard (4 tests): tempdir detector positive/negative + e2e pytest-tempdir refusal + real-path passthrough.
• test_enable_succeeds_when_codex_present now patches migrate() (closes the test-leak path).

Attribution

• Cherry-picked c21f649e2 from fix(codex-runtime): keep migrated root keys top-level #25857 with author preserved (Steve Kelly).
• Bugs B + C implementation added on top.

Closes #26250