
#16523: fix(security): audit falsely flags dangerous commands in denyCommands (#16508)

by yinghaosang open 2026-02-14 20:36
stale size: XS trusted-contributor
## Summary

`security audit --deep` flags entries like `camera.snap`, `screen.record`, `sms.send` in `gateway.nodes.denyCommands` as "unknown command names" — but these are real commands defined in `DEFAULT_DANGEROUS_NODE_COMMANDS`. Users adding them to their deny list get a false warning that creates confusion about whether their config is actually working.

Closes #16508

lobster-biscuit

## Root Cause

`listKnownNodeCommands` in `audit-extra.sync.ts` builds the known command set by iterating platform default allowlists via `resolveNodeCommandAllowlist`. But dangerous commands (`camera.snap`, `camera.clip`, `screen.record`, `calendar.add`, `contacts.add`, `reminders.add`, `sms.send`) aren't in any platform's defaults — they're opt-in via `allowCommands`. So the audit doesn't recognize them as valid names.

## Changes

- Before: denying `camera.snap` triggers `gateway.nodes.deny_commands_ineffective` warning
- After: dangerous commands are recognized as valid, only truly unknown names get flagged

## Tests

- `audit.test.ts` — new test with all 7 dangerous commands in `denyCommands`, confirms no false warning. Fails before fix, passes after.
- All 158 tests in `src/security/` pass
- `pnpm build && pnpm check` pass

### Greptile Summary

Fixed false positive audit warnings when denying dangerous commands like `camera.snap`, `screen.record`, and `sms.send`. The audit's `listKnownNodeCommands` function now recognizes `DEFAULT_DANGEROUS_NODE_COMMANDS` as valid command names, eliminating confusion about whether deny list configurations are working correctly.

Changes:

- Added `DEFAULT_DANGEROUS_NODE_COMMANDS` to the known command set in `listKnownNodeCommands`
- Added comprehensive test covering all 7 dangerous commands to verify they're recognized as valid

### Confidence Score: 5/5

- Safe to merge - surgical fix that correctly addresses the root cause with appropriate test coverage
- The fix is minimal and precisely targets the issue: dangerous commands weren't included in the audit's known command set despite being valid. The solution simply adds them to the set after iterating platform defaults. Test coverage includes all 7 dangerous commands and verifies the warning is not triggered.
- No files require special attention

Last reviewed commit: 8aef653
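The root cause described in this PR, modelled as an added sketch that is not the project's code: a deny-list audit whose known-name set comes only from platform defaults reports valid opt-in commands as unknown, and adding the dangerous set leaves only the real typo flagged. The function names, the platform default lists and the deny list are constructed for illustration; only the seven dangerous command names come from the PR text.

```typescript
// Added illustration; every name except the seven command strings is hypothetical.

// The seven opt-in dangerous commands listed in the PR description.
const DANGEROUS_COMMANDS: string[] = [
  "camera.snap", "camera.clip", "screen.record",
  "calendar.add", "contacts.add", "reminders.add", "sms.send",
];

// Constructed per-platform default allowlists (placeholder command names).
const PLATFORM_DEFAULTS: Array<{ platform: string; commands: string[] }> = [
  { platform: "ios", commands: ["example.read", "example.list"] },
  { platform: "android", commands: ["example.read", "example.notify"] },
];

// Build the set of names the audit treats as real commands.
// includeDangerous=false models the behaviour before the fix, true after it.
function buildKnownCommands(includeDangerous: boolean): Set<string> {
  const known = new Set<string>();
  PLATFORM_DEFAULTS.forEach((entry) => {
    entry.commands.forEach((cmd) => known.add(cmd));
  });
  if (includeDangerous) {
    DANGEROUS_COMMANDS.forEach((cmd) => known.add(cmd));
  }
  return known;
}

// Return the deny entries the audit would report as unknown command names.
function findUnknownDenyEntries(deny: string[], known: Set<string>): string[] {
  return deny
    .map((name) => name.trim())
    .filter((name) => name.length > 0 && !known.has(name));
}

// Constructed deny list: two valid dangerous commands plus one misspelling.
const denyCommands: string[] = ["camera.snap", "sms.send", "camra.snap"];

// Before the fix: only platform defaults are known, so valid entries are flagged.
const flaggedBefore = findUnknownDenyEntries(denyCommands, buildKnownCommands(false));

// After the fix: only the misspelled entry is still reported.
const flaggedAfter = findUnknownDenyEntries(denyCommands, buildKnownCommands(true));
```
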
