#16685: Fix cli agents/approvals/discord routing edge cases

## Summary - Fixes the CLI route-first dispatcher so `openclaw agents add` is routed through normal command parsing and no longer fails with `unknown command 'agents'`. - Fixes exec approval forwarding behavior: `sessionFilter` no longer blocks forwarding in `mode: targets`. - Improves Discord inbound session classification using resolved route session key to avoid direct/channel misclassification. ## Related issues - Closes #16267 - Closes #16184 - Closes #16149 ## Testing - Not run in this environment due missing toolchain constraints (`pnpm` not installed / test deps unavailable). <!-- greptile_comment --> <h3>Greptile Summary</h3> Fixed CLI dispatcher to properly route all `openclaw agents` subcommands through normal command parsing instead of only handling `agents list`. The old route matched only `agents list`, causing `openclaw agents add` and other subcommands to fail with "unknown command 'agents'". - **CLI routing fix**: Changed `routeAgentsCommand` to match all `agents` commands and delegate to full program parser, enabling proper subcommand discovery for `add`, `delete`, and `set-identity`. - **Exec approval forwarding fix**: In `mode: targets`, `sessionFilter` no longer blocks forwarding when explicit targets are configured. The filter now only applies in `session` and `both` modes as intended. - **Discord session classification**: Uses resolved route session key to determine direct vs channel sessions, preventing misclassification when routing rules differ from Discord channel type. - **Session file path resolution**: Added `agentId` parameter threading through `resolveSessionFilePath` calls to correctly resolve multi-agent session transcript paths. - **Config schema**: Added `gateway.auth.rateLimit` field with validation and metadata. - **Error pattern refinement**: Improved 402 billing error regex to avoid false positives on response text containing "402". <h3>Confidence Score: 4/5</h3> - This PR is safe to merge with low risk - fixes critical CLI routing bugs and approval forwarding logic with good test coverage - The changes fix well-scoped bugs with clear logic improvements. CLI routing now properly delegates to full command parser. Approval forwarding correctly applies `sessionFilter` only in relevant modes. Discord classification uses authoritative route data. All changes follow consistent patterns and include test coverage. Minor risk from the broad CLI routing change, but the delegation to existing parser is the correct solution. - No files require special attention _{Last reviewed commit: d022421} <!-- greptile_other_comments_section --> _{(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!} <!-- /greptile_comment -->