#23473: Hooks/Plugins: enforce discovery root containment

## Summary - enforce realpath containment for hook discovery roots and discovered hook directories - enforce allowed-root containment for plugin discovery directories to block symlink escapes - add regression tests for workspace/global symlink escape cases in hook/plugin discovery ## Testing - pnpm test src/hooks/workspace.test.ts src/plugins/discovery.test.ts - pnpm check <!-- greptile_comment --> <h3>Greptile Summary</h3> Added symlink escape prevention for hook and plugin discovery to prevent malicious code execution via symlink attacks. The changes enforce realpath containment checks at two levels: validating discovery roots stay within allowed boundaries, and ensuring discovered entries don't escape via symlinks. Test coverage includes workspace and global symlink escape scenarios. <h3>Confidence Score: 5/5</h3> - This PR is safe to merge with minimal risk - The security hardening is well-implemented with two-level symlink escape prevention, follows existing code patterns using `isPathInsideWithRealpath`, includes comprehensive test coverage for both workspace and global symlink scenarios, and applies defense-in-depth by checking both discovery directories and individual entries - No files require special attention _{Last reviewed commit: 32b0052} <!-- greptile_other_comments_section --> <!-- /greptile_comment -->