refactor(infra): standardize service execution and optimize build pipeline

[victoriacheng15]

Summary

This update hardens the platform's execution model by migrating host-resident "Pillar Services" to standard system paths and optimizing the Model Context Protocol (MCP) build pipeline. It resolves critical SELinux permission barriers and refines the hybrid host-cluster intelligence layer for high-fidelity observability.

List of Changes

• Execution Integrity: Hardened the host-tier security posture by migrating service execution to standard system paths, resolving SELinux domain transition conflicts and ensuring long-term operational stability for the telemetry pipeline.
• Build Lifecycle Optimization: Streamlined the Model Context Protocol (MCP) lifecycle through a root-centric build pipeline and atomic hot-swapping, eliminating "Text file busy" failure modes and enforcing a Single Source of Truth for system artifacts.
• Health Intelligence Refinement: Elevated platform health fidelity by calibrating the Hub intelligence layer to correctly interpret systemd oneshot semantics, providing AI agents with an accurate assessment of transient task completion.
• Filesystem Decoupling: Decoupled the service runtime from the project directory, reducing the risk of binary drift and ensuring that the platform remains resilient to source code movements.

Verification

• Verified ingestion.service and proxy.service health via systemctl after migration.
• Confirmed hub_inspect_platform reports 4/4 healthy services including completed oneshots.
• Validated make targets for services and MCP servers complete successfully with automatic cleanup.