gut(auth): remove dead auth profile consumers after unified auth

[alexey-pelykh]

Context

Part of #415 Phase 5, item 16. After per-agent `auth` config (#421) replaces the legacy auth profile consumer patterns, several upstream auth-profile integration points become dead code.

Scope

Remove or simplify:

• `src/auto-reply/reply/directive-handling.auth.ts` — `/auth` directive handler (replaced by config-level `auth` field)
• `src/auto-reply/reply/commands-status.ts` — `resolveModelAuthLabel()` display (simplify to show `auth` config value)
• `src/auto-reply/status.ts` — `resolveModelAuthMode()` status display
• `src/auto-reply/reply/get-reply-run.ts` — session auth profile override logic
• `src/cron/isolated-agent/run.ts` — session auth profile override logic
• `src/agents/auth-profiles/session-override.ts` — per-session auth profile override system
• Session entry fields: `authProfileOverride`, `authProfileOverrideSource`
• Config/schema fields: `auth.profiles` (if distinct from the relocated auth store)

Keep: Core auth profile store (`src/auth/`), `resolveApiKeyForProvider`, rotation logic — these are actively used.

Verification

• All tests pass after removal
• No runtime imports from deleted paths
• Auth profile store still works for TTS, STT, and runtime injection
• `/auth` directive removal doesn't break command parsing (should return "unknown command" or similar)

Depends on

• feat(runtime): wire per-agent auth profile to CLI env injection #422 — auth env injection (replacement is working)
• fix(tts): resolve TTS API keys through auth profile store #402 — TTS auth integration (TTS uses new path)
• refactor(media): extract STT from media-understanding into src/stt/ #424 — STT extraction (STT uses new path)

Related

• feat: unified auth + multimodal AgentRuntime — implementation plan #415 — implementation plan (parent)
• research(auth+media): auth profiles and media understanding architecture #376 — original gut proposal (listed these consumers)