fix: gate OTel span content recording behind opt-in flag

[amabito]

Why are these changes needed?

OTel instrumentators unconditionally record full message content, tool arguments, and LLM responses into span attributes. In production deployments where traces are exported to third-party observability backends, this leaks PII, API keys, and proprietary prompts.

The fix adds a record_content configuration flag (default False) that gates content recording. When disabled, spans still capture structural metadata (tool names, token counts, model IDs) without exposing sensitive content.

Related issue number

Addresses a content leakage vulnerability reported via email to @Lancetnik on 2026-03-16.

Checks

• I've included any doc changes needed for https://docs.ag2.ai. See https://docs.ag2.ai/docs/contributor-guide/documentation to learn how to make changes to the documentation.
• I've added tests corresponding to the changes introduced in this PR.
• I've made sure all auto checks have passed.

[codecov]

Codecov Report

❌ Patch coverage is 90.90909% with 4 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
...etry/instrumentators/agent_instrumentators/chat.py	73.33%	0 Missing and 4 partials ⚠️

Files with missing lines	Coverage Δ
...y/instrumentators/agent_instrumentators/_config.py	100.00% <100.00%> (ø)
...strumentators/agent_instrumentators/human_input.py	100.00% <100.00%> (ø)
...try/instrumentators/agent_instrumentators/reply.py	89.02% <100.00%> (+5.07%)	⬆️
...etry/instrumentators/agent_instrumentators/tool.py	100.00% <100.00%> (ø)
...etry/instrumentators/agent_instrumentators/chat.py	83.24% <73.33%> (+1.33%)	⬆️

... and 23 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.