fix(gateway): make Slack notes aware of scoped Slack tools

[daikeren]

What does this PR do?

Fixes a prompt/runtime mismatch in the Slack gateway when scoped Slack tools are available.

Today, gateway/session.py always injects a hardcoded Slack platform note saying the agent has no Slack-specific API access and can only read messages sent directly to it. When Slack MCP tools are present, that note becomes stale and can cause false refusals for permalink / thread / history requests.

This PR makes the Slack platform note capability-aware while preserving the conservative security model.

Related Issue

Fixes #6533

Type of Change

• 🐛 Bug fix (non-breaking change that fixes an issue)
• ✨ New feature (non-breaking change that adds functionality)
• 🔒 Security fix
• 📝 Documentation update
• ✅ Tests (adding or improving test coverage)
• ♻️ Refactor (no behavior change)
• 🎯 New skill (bundled or hub)

Changes Made

• gateway/session.py
  • added a Slack-only capability-aware platform note helper
  • preserve the old conservative wording when no scoped Slack tools are available
  • emit dedicated-tool wording when scoped Slack tools are present
• gateway/run.py
  • compute the current session’s available tool names from enabled platform toolsets
  • pass available_tool_names into build_session_context_prompt()
• tests/gateway/test_session.py
  • added coverage for the conservative branch
  • added coverage for the scoped-tool branch
  • asserted the tool-aware prompt does not encourage raw token or curl access

How to Test

1. Run:

   python -m pytest tests/gateway/test_session.py -q

2. Verify the focused test target passes
3. In a Slack runtime with Slack MCP configured, send a permalink/thread request such as:
   • Show me the conclusion of this slack thread <slack permalink>
4. Confirm Hermes no longer falls back to the stale “I cannot directly read Slack thread links” refusal when scoped Slack tools are available

Checklist

Code

• I've read the Contributing Guide
• My commit messages follow Conventional Commits (fix(scope):, feat(scope):, etc.)
• I searched for existing PRs to make sure this isn't a duplicate
• My PR contains only changes related to this fix/feature (no unrelated commits)
• I've run pytest tests/ -q and all tests pass
• I've added tests for my changes (required for bug fixes, strongly encouraged for features)
• I've tested on my platform: Arch Linux

Documentation & Housekeeping

• I've updated relevant documentation (README, docs/, docstrings) — or N/A
• I've updated cli-config.yaml.example if I added/changed config keys — or N/A
• I've updated CONTRIBUTING.md or AGENTS.md if I changed architecture or workflows — or N/A
• I've considered cross-platform impact (Windows, macOS) per the compatibility guide — or N/A
• I've updated tool descriptions/schemas if I changed tool behavior — or N/A

Screenshots / Logs

Focused validation:

python -m pytest tests/gateway/test_session.py -q
61 passed

Note: I also attempted a broader tests/gateway/ run because gateway/run.py changed, but this checkout has unrelated pre-existing failures outside this Slack/session fix, so the claimed validation for this PR is the focused test target above.