chore: rust kernel hardening & feature parity #1435

Merged
NathanFlurry merged 81 commits into main from ralph/runtime-isolation-hardening on Apr 5, 2026

Conversation

@NathanFlurry
Member

  • feat: US-001 - Remove dangerous builtins from DEFAULT_ALLOWED_NODE_BUILTINS
  • feat: US-002 - Block Pyodide import js FFI sandbox escape
  • feat: US-003 - Enable Node.js --permission flag for Pyodide host process
  • feat: US-004 - Scrub AGENT_OS_* environment variables from guest process.env
  • feat: US-005 - Virtualize process.cwd() to return kernel CWD
  • feat: [US-006] - Virtualize process.execPath, argv[0], pid, ppid, getuid, getgid
  • feat: US-007 - Intercept process signal handlers and deny native addon loading
  • feat: [US-008] - [Fix exec/execSync bypass in wrapChildProcessModule]
  • feat: [US-009] - [Translate host paths in require.resolve() and error messages]
  • feat: [US-010] - Replace in-band control message parsing with side channel
  • feat: US-011 - Make ALLOWED_NODE_BUILTINS configurable from AgentOsOptions
  • feat: US-012 - Build SharedArrayBuffer RPC bridge for synchronous kernel syscalls
  • feat: [US-013] - [Port os module polyfill with kernel-provided values]
  • feat: [US-014] - [Port fs.promises async methods through kernel VFS RPC]
  • feat: US-015 - Port fs sync methods through SharedArrayBuffer bridge
  • feat: [US-016] - [Port fs fd-based operations and streams through kernel VFS]
  • feat: US-017 - Port child_process polyfill through kernel process table
  • feat: [US-018] - [Port net.Socket polyfill via kernel socket table]
  • feat: [US-019] - [Port net.createServer polyfill via kernel socket listen/accept]
  • feat: [Story ID] - [Story Title]
  • feat: US-021 - Port dns polyfill via kernel DNS resolver
  • feat: [US-022] - [Port tls polyfill via kernel networking]
  • feat: [US-023] - [Port http/https/http2 on top of polyfilled net and tls]
  • feat: US-027 - Wire options.permissions through to sidecar bridge
  • feat: [US-028] - [Validate CWD within sandbox root]
  • feat: US-024 - Add Drop impl, timeout, and kill for PythonExecution
  • feat: [US-025] - [Add Python spawn_waiter thread and bounded stdout/stderr buffering]
  • feat: US-030 - Fix --allow-child-process unconditional escalation
  • feat: [US-031] - [Resolve symlinks before permission checks and fix link/exists gaps]
  • feat: US-038 - Fix plugin SSRF and add mount permission checks
  • feat: [US-041] - Enforce WASM permission tiers
  • feat: [US-033] - [Add filesystem size and inode limits to ResourceLimits]
  • feat: [US-034] - [Add WASM fuel/memory limits and socket/connection limits]
  • feat: US-029 - Per-VM import cache paths to prevent cross-VM poisoning
  • feat: [US-032] - [Fix host PID reuse in signal_runtime_process and dup2 bounds]
  • feat: US-026 - Add VFS RPC path validation and sync bridge timeout
  • feat: [Story ID] - [Story Title]
  • feat: US-040 - Fix hardenProperty fallback and zombie reaper exit code handling
  • feat: US-043 - Low-priority robustness fixes
  • feat: US-035 - Fix Pyodide hardening order and VFS RPC queue bounds
  • feat: [US-036] - [Add missing Pyodide integration tests]
  • feat: US-042 - Extract Pyodide embedded JS and deduplicate cross-runtime code
  • feat: US-037 - Add security audit logging
  • feat: US-044 - Implement kernel-controlled DNS resolver instead of host delegation
  • feat: [US-045] - [Implement real getConnections() and enforce server backlog]
  • feat: US-046 - Add Unix domain socket support to net polyfill
  • feat: US-047 - Add external networking CI tests
  • feat: US-048 - Audit and verify network permission checks on socket operations
  • feat: US-049 - Block remaining process properties that leak host information
  • feat: [US-050] - [Prevent CJS require() from resolving host node_modules]
  • feat: [US-051] - [Fix os polyfill fallbacks that default to host values]
  • feat: [US-052] - [Strip AGENT_OS_* variables from child process spawn environments]
  • feat: US-053 - Add permission check to unmount_filesystem
  • feat: US-054 - Change KernelVmConfig default permissions to deny-all
  • feat: US-055 - Add SSRF protection with private IP address validation on outbound connections
  • feat: US-056 - Add per-operation size limits for pread, fd_write, env, and argv
  • feat: US-057 - Protect RPC channel FDs from guest manipulation
  • feat: US-058 - Add WASM module parser size limits and DoS protection
  • feat: US-059 - Implement SIGCHLD delivery on child process exit
  • feat: [US-060] - Implement SIGPIPE delivery on broken pipe write
  • feat: US-061 - Implement waitpid flags: WNOHANG, WUNTRACED, WCONTINUED, and process group waits
  • feat: US-062 - Implement advisory file locking (flock)
  • feat: [US-063] - [Implement O_CREAT|O_EXCL atomicity and O_APPEND atomic writes]
  • feat: US-064 - Implement non-blocking I/O (O_NONBLOCK) and PIPE_BUF atomicity
  • feat: [US-065] - [Implement select/poll for FD multiplexing]
  • feat: US-066 - Implement process reparenting to init and fix process group kill
  • feat: US-067 - Implement OverlayFS opaque directories and persistent whiteouts
  • feat: US-068 - Fix overlay hardlink copy-up, rmdir ENOTEMPTY, and cross-mount hardlink
  • feat: US-069 - Implement /proc filesystem with essential entries
  • feat: [US-070] - [Fix /dev/zero and /dev/urandom to return requested byte count]
  • feat: US-071 - Implement shebang parsing for script execution
  • feat: US-072 - Add JavaScript sync RPC timeout and response backpressure
  • feat: [US-073] - [Add network port binding restrictions and VM network isolation]
  • feat: US-074 - Fix guestVisiblePathFromHostPath to never fall back to raw host path
  • feat: US-075 - Implement SIGSTOP/SIGCONT job control and SIGWINCH for PTY resize
  • feat: [US-076] - [Add missing errno checks: EISDIR, ENOTDIR, ENAMETOOLONG, EROFS]
  • feat: US-077 - Implement umask and stat blocks/dev fields
  • feat: [US-078] - [Add WASM module path symlink TOCTOU protection and prewarm timeout]
  • feat: US-079 - Add Pyodide process memory and execution timeout limits
  • feat: US-080 - Enforce WASM runtime memory limits and pass fuel to Node.js runtime
  • feat: US-081 - Make WASI conditional based on permission tier

@NathanFlurry changed the title from "ralph/runtime isolation hardening" to "chore: kernel hardening" on Apr 5, 2026
@NathanFlurry changed the title from "chore: kernel hardening" to "chore: rust kernel hardening & feature parity" on Apr 5, 2026
@NathanFlurry merged commit 3bee7a4 into main on Apr 5, 2026
1 check failed
@NathanFlurry deleted the ralph/runtime-isolation-hardening branch on April 5, 2026 at 19:55