#11854: fix: resolve per-agent tools.exec config in pi-tools
agents
stale
Cluster: Cron Session Enhancements
## Summary
`resolveExecConfig()` in `pi-tools.ts` only reads global `tools.exec` config, ignoring agent-specific overrides in `agents.list[].tools.exec`. This causes agents configured with restricted exec settings (e.g., `security: "allowlist"`, `host: "gateway"`) to silently inherit global defaults, potentially running with more permissive settings than intended.
- Update `resolveExecConfig` to accept `agentId` and merge agent-specific config with `??` fallback
- Follow the same pattern already used in `directive-handling.impl.ts` (`resolveExecDefaults`)
- `agentId` was already available in scope (resolved by `resolveEffectiveToolPolicy`)
Closes #11832
## Test plan
- [x] Added unit tests for `resolveExecConfig` covering:
  - Global-only config (no agent override)
  - Agent-specific config overriding global
  - Partial agent override (non-overridden fields fall back to global)
  - Undefined config handled gracefully
- [x] Existing `pi-tools-agent-config`, `pi-tools.safe-bins` tests pass
## Greptile Overview
### Greptile Summary
This PR updates `resolveExecConfig()` in `src/agents/pi-tools.ts` to merge global `tools.exec` config with per-agent overrides from `agents.list[].tools.exec`, using `agentId` (already resolved by `resolveEffectiveToolPolicy`) to select the agent scope. It also adds a new Vitest suite covering global-only config, full and partial agent overrides, and undefined config.
This fits into the tool wiring in `createOpenClawCodingTools()` by ensuring the `exec`/`process` tools receive the correct agent-scoped defaults rather than silently inheriting global settings, aligning behavior with other agent-scoped config resolution patterns in the codebase.
### Confidence Score: 4/5
- This PR is close to safe to merge, but there is one agent-scoped config hole remaining.
- The core change (merging agent exec settings with global defaults) is straightforward and covered by unit tests. However, apply-patch configuration is still sourced only from the global `tools.exec.applyPatch` path, so agent-level overrides for that nested config won’t work despite the rest of exec config being agent-aware.
- src/agents/pi-tools.ts
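The resolution pattern discussed above, as an added TypeScript sketch that is not code from this PR or the project. It contrasts a global-only lookup with a per-field `??` merge that also covers the nested `applyPatch` block. The type shapes, the agent `id` field, the `applyPatch.enabled` flag, the function names `resolveGlobalOnly` and `resolveForAgent`, and every sample value other than `"allowlist"` and `"gateway"` are assumptions.

```typescript
// Added example: simplified shapes, not the project's real types.
type ExecConfig = {
  security?: string;
  host?: string;
  applyPatch?: { enabled?: boolean }; // `enabled` is a hypothetical field
};
type AgentEntry = { id: string; tools?: { exec?: ExecConfig } }; // `id` is assumed
type Config = {
  tools?: { exec?: ExecConfig };
  agents?: { list?: AgentEntry[] };
};

// Behaviour the summary describes as the bug: only the global block is read.
function resolveGlobalOnly(cfg?: Config): ExecConfig {
  return { ...cfg?.tools?.exec };
}

// Agent-aware resolution: each field prefers the agent value, then the global one.
function resolveForAgent(cfg?: Config, agentId?: string): ExecConfig {
  const g = cfg?.tools?.exec;
  const a = agentId
    ? cfg?.agents?.list?.find((e) => e.id === agentId)?.tools?.exec
    : undefined;
  return {
    security: a?.security ?? g?.security,
    host: a?.host ?? g?.host,
    // `??` (not `||`) keeps an explicit agent-level `false` instead of
    // falling through to a more permissive global `true`.
    applyPatch: { enabled: a?.applyPatch?.enabled ?? g?.applyPatch?.enabled },
  };
}

// Constructed sample config; "placeholder-*" values are not real settings.
const sample: Config = {
  tools: {
    exec: { security: "placeholder-permissive", host: "placeholder-host", applyPatch: { enabled: true } },
  },
  agents: {
    list: [
      { id: "restricted", tools: { exec: { security: "allowlist", host: "gateway", applyPatch: { enabled: false } } } },
      { id: "partial", tools: { exec: { security: "allowlist" } } },
    ],
  },
};
```

In this sketch an `agentId` that matches no entry resolves to the global values, so a caller that needs fail-closed behaviour has to check that the agent exists before resolving.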