Harden run read envelopes

[chubes4]

Summary

• Add observer-safe redaction for task, chat, and runtime-package run read/event envelopes without changing stored operator state.
• Tighten runtime-package run read defaults to operators while retaining filter-based migration paths for hosts.
• Redact sensitive-looking parameter_defaults and runtime metadata keys in model/request-facing tool declarations.
• Expand product-boundary smoke coverage for downstream vocabulary and document the redaction/read policy.

Tests

• composer test
• composer phpstan
• Targeted smokes during development: php tests/task-execution-smoke.php, php tests/chat-run-control-smoke.php, php tests/runtime-package-run-contract-smoke.php, php tests/tool-runtime-smoke.php, php tests/no-product-imports-smoke.php

Risks

• Sensitive parameter_defaults now normalize to [redacted]; hosts that used declaration defaults as credential storage need to move those secrets into executor-owned resolution or explicit non-model-facing bindings.
• Runtime-package run status reads now default to manage_options; hosts needing non-admin observers can opt in via agents_runtime_package_run_read_permission, and full envelopes via agents_runtime_package_run_unredacted_read_permission.

AI assistance

• AI assistance: Yes
• Tool(s): openai/gpt-5.5/OpenCode
• Used for: Drafting and implementing the safety hardening, smoke coverage, docs, and PR preparation.