#14734: test(agents): guard against stale allowAgents in existing sessions

## Problem Existing sessions could appear to retain stale subagent allowlist behavior after config changes, causing confusion around `agents_list` and `sessions_spawn` outcomes. ## What Changed - Added regression coverage for `agents_list` to verify allowlist changes are reflected when reusing the same tool/session context. - Added regression coverage for `sessions_spawn` to verify cross-agent spawn authorization refreshes after allowlist updates in the same session/tool instance. ## Validation - `pnpm vitest run src/agents/openclaw-tools.agents.test.ts src/agents/openclaw-tools.subagents.sessions-spawn-allows-cross-agent-spawning-configured.test.ts` - Result: 2 files passed, 8 tests passed. ## Issue - Closes #13377 <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> This PR adds regression tests to ensure `allowAgents` updates are picked up even when reusing an existing tool instance within the same session context. - `src/agents/openclaw-tools.agents.test.ts` adds a case that calls `agents_list`, mutates the mocked config, then calls the same tool again and expects the updated allowlist to be reflected. - `src/agents/openclaw-tools.subagents.sessions-spawn-allows-cross-agent-spawning-configured.test.ts` adds a similar case for `sessions_spawn`, verifying it goes from `forbidden` to `accepted` after allowlist changes without recreating the tool. These tests align with how the tools are implemented (`agents_list` and `sessions_spawn` call `loadConfig()` inside `execute`), so they protect against future refactors that accidentally cache allowlist state across executions. <h3>Confidence Score: 4/5</h3> - This PR is largely safe to merge; changes are test-only and match current tool behavior. - The added tests are consistent with the production implementation (config is loaded within each tool execution), so they should be stable. The main concern is test isolation: the module-scoped gateway mock in the sessions_spawn test file can leak into other tests depending on the runner’s module cache/execution order. - src/agents/openclaw-tools.subagents.sessions-spawn-allows-cross-agent-spawning-configured.test.ts <!-- greptile_other_comments_section --> <!-- /greptile_comment -->