#21076: feat(quota): unify provider quota tracking and usage UI across providers (AI-assisted)

## What This PR unifies provider quota/usage handling and rendering across status and Control UI. ### Changes included - Unifies provider usage/quota fetch + formatting flow across configured providers - Aligns `/status` and Control UI usage output to the same source of truth - Adds `/quota` command wiring for provider quota visibility - Improves provider alias/profile handling and hides unconfigured providers in UI - Fixes Claude quota fallback for manual/setup tokens by: - accepting raw/full `CLAUDE_WEB_COOKIE` formats - broadening `user:profile` scope error detection - restoring browser-like headers for `claude.ai` fallback requests - Adds browser-safe shims to avoid server-only imports leaking into UI bundle ## Why Quota behavior had drifted across providers and surfaces, causing inconsistent output and Claude fallback regressions. This consolidates logic so quota/status behavior is predictable and consistent. ## Scope Focused PR: quota/usage tracking + related UI/status integration only. ## Testing - [x] Local runtime/manual validation on OpenClaw instance - [x] `pnpm build` - [x] `pnpm ui:build` - [x] `pnpm test src/infra/provider-usage.test.ts` - [ ] `pnpm check` *(run in CI / can run locally before final merge if needed)* Manual checks: - [x] Control UI Usage refresh works - [x] `/status` quota output works - [x] Claude fallback path works again with cookie-based usage fallback ## AI-assisted disclosure - [x] Marked as AI-assisted - Testing degree: **lightly tested** (targeted tests + manual verification; not full suite) - [x] I reviewed and understand what this code does - Prompts/session logs: available on request <!-- greptile_comment --> <h3>Greptile Summary</h3> unified provider quota tracking and rendering across `/status`, `/quota`, and Control UI - added moonshot/kimi provider with multi-endpoint fallback (billing → global → CN) - improved claude fallback to accept raw cookie formats and broader scope error detection - added browser shims for process-exec and spawn-utils to prevent server imports in UI bundle - enhanced bundle script with windows path resolution - introduced provider quota panel in usage tab with per-window progress bars **issue found:** - `ui/src/ui/views/agents-utils.ts` duplicates ~90 lines from `src/agents/tool-policy-shared.ts` (tool name normalization, group expansion, profile resolution) — maintenance risk as policy changes must be synced manually across both files <h3>Confidence Score: 3/5</h3> - safe to merge with code duplication maintenance risk - core quota logic is well-tested with comprehensive test coverage for moonshot fallbacks and claude cookie parsing edge cases; the unified rendering flow is sound; however, the agents-utils code duplication creates moderate maintenance risk where changes to tool policy must be manually synchronized across two files - `ui/src/ui/views/agents-utils.ts` duplicates tool policy logic — consider refactoring before merging or document the duplication risk _{Last reviewed commit: 7819509} <!-- greptile_other_comments_section --> _{(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!} <!-- /greptile_comment -->