Add file-based Human-in-the-Loop (HIL) inbox system for operator-assisted tool workflows

[fresh3nough]

Problem

The current Human-in-the-Loop workflow relies on terminal input() and Caido proxy copy-paste for passing tool output (Nmap, Burp, Metasploit, etc.) back to the agent. This breaks for large outputs -- long scan results get truncated, multi-page command output is painful to copy-paste, and the experience is fragile overall.

Proposed Solution

A file-based HIL inbox system where:

1. The agent writes a request file (req_<task_id>.txt) describing what it needs (tool, command, target).
2. The operator runs the tool and saves output to a response file (resp_<task_id>.txt).
3. The agent polls the inbox, picks up the response, and continues analysis.

This handles arbitrarily large tool output (XML Nmap scans, full Metasploit sessions, Burp exports, etc.) without any copy-paste limitations.

Scope

• New strix/hil/ package with InputManager class and standalone functions (request_input, wait_for_response, list_pending_requests, clear_inbox)
• HIL_INBOX_PATH config variable (env var override, tracked by Config system)
• "Operator Help" section added to all 25 operator-assisted tool skill .md files
• Comprehensive README documentation: full tools list by category, HIL architecture, code examples, operator workflow
• 44 tests covering the complete request/response lifecycle, timeout handling, cleanup, config integration, and tool .md validation

Dependencies

Builds on top of #334 (vulnerability edge case + MFA bypass skills) and #336 (25 operator-assisted tool skills).

Key Commits

• 6c70c09 -- HIL input manager, config, tool .md updates, tests
• 4ca9133 -- README documentation (tools list + HIL system docs)