Windows network policy parity

[t-kalinowski]

Summary

• Adds explicit Windows sandbox setup for an offline proxy-enforced local user with protected credentials, fixed proxy ports, firewall validation, and fail-closed setup checks.
• Routes Windows workspace-write no-network and managed-domain launches through the offline proxy identity while keeping read-only and full-network launches on the current-user restricted-token path.
• Extends named-pipe access control, filesystem grants, docs, plans, and Windows integration coverage for network policy parity.

Validation

• cargo check
• cargo build
• python3 tests/run_integration_tests.py --binary target/debug/mcp-repl (19 passed)
• cargo clippy --all-targets --all-features -- -D warnings
• cargo test --quiet
• cargo +nightly fmt
• git diff --check
• PowerShell encoded-command secure string sanity check

Diff composition

Measured against origin/main, this PR is 2542 insertions and 67 deletions across 20 files.

• runtime src/: +2206/-47 (86.4% of churn)
• inline tests inside src/: +238/-1 (9.2% of churn)
• tests in tests/: +39/-8 (1.8% of churn)
• docs: +44/-11 (2.1% of churn)
• other: +15/-0 (0.6% of churn)

Largest files:

• src/windows_sandbox_setup.rs: +1467/-0
• src/windows_sandbox.rs: +503/-5
• src/ipc/transport.rs: +160/-22
• src/worker_process/worker_launch.rs: +104/-3
• src/sandbox.rs: +70/-5