
#16776: feat(gateway): agent-scoped access for kOS collaborators

by aneym open 2026-02-15 03:44
app: web-ui gateway stale size: M
Implements Track B Task 1 from docs/specs/agent-scoped-access.md — scope enforcement middleware for agents.list filtering, agent-targeted RPC gating, collaborator role support.

### Greptile Summary

Implements agent-scoped access control for the collaborator role. Adds a new `FORBIDDEN` error code, introduces scope utility functions (`connectionHasAgentAccess`, `connectionIsOwner`, `filterAgentsForConnection`), and enforces access control across agent CRUD operations and file access. The `agents.list` handler filters results based on scopes, and mutating operations (`agents.create`, `agents.update`, `agents.delete`) restrict collaborators to owner/operator roles only.

The implementation follows a defense-in-depth approach: method-level authorization in `server-methods.ts` whitelists specific RPCs for collaborators, then handler-level enforcement validates scopes and roles. Comprehensive E2E tests verify filtering, backward compatibility with empty scopes, and FORBIDDEN responses for unauthorized operations.

**Critical Issue:** The previous thread correctly identified that `agent` and `agent.wait` RPCs are missing from the collaborator whitelist (lines 114-126 in `server-methods.ts`). This blocks the primary use case - collaborators cannot send messages to their scoped agents. These methods need to be whitelisted, then scope enforcement should be added in the `agent` handler to validate `agentId` against scopes.

### Confidence Score: 2/5

- This PR has a critical functional gap that breaks the primary use case for collaborators.
- The implementation is well-structured with proper tests and follows security best practices for what it does implement. However, the missing `agent` RPC whitelist entry means collaborators cannot message agents - the core workflow this feature should enable. This makes the PR incomplete for its stated purpose.
- `src/gateway/server-methods.ts` requires adding `agent` and `agent.wait` to the collaborator whitelist, and `src/gateway/server-methods/agent.ts` needs scope enforcement added to the `agent` handler.

Last reviewed commit: 03af441
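The two-layer check the summary describes (method whitelist first, then an `agentId` scope check in the handler), as an added sketch that is not the PR's code. The names `connectionHasAgentAccess` and `filterAgentsForConnection` come from the summary, but their signatures, the connection shape, the whitelist contents and the sample agents are assumptions, and the empty-scopes backward-compatibility behaviour is not modelled.

```typescript
// Added illustration: shapes and signatures are assumed, not taken from the PR.
type Role = "owner" | "operator" | "collaborator";
interface Conn { role: Role; scopes: string[] }        // scopes: agent ids granted
interface Rpc { method: string; agentId?: string }
interface Result { ok: boolean; code?: "FORBIDDEN"; agents?: string[] }

const AGENTS = ["alpha", "beta", "gamma"];             // constructed sample data

// Layer 1: RPCs a collaborator may call at all (assumed list for this sketch).
const COLLABORATOR_METHODS = new Set(["agents.list", "agent", "agent.wait"]);
// RPCs whose agentId parameter must fall inside the caller's scopes.
const AGENT_TARGETED = new Set(["agent", "agent.wait"]);

function connectionHasAgentAccess(c: Conn, agentId?: string): boolean {
  if (c.role !== "collaborator") return true;
  // A collaborator request with no agentId fails closed.
  return agentId !== undefined && c.scopes.includes(agentId);
}

function filterAgentsForConnection(c: Conn, agents: string[]): string[] {
  return agents.filter((id) => connectionHasAgentAccess(c, id));
}

function authorize(c: Conn, rpc: Rpc): Result {
  // Method-level gate: anything not whitelisted is denied for collaborators,
  // which covers agents.create / agents.update / agents.delete.
  if (c.role === "collaborator" && !COLLABORATOR_METHODS.has(rpc.method)) {
    return { ok: false, code: "FORBIDDEN" };
  }
  // Handler-level gate: whitelisting `agent` alone would let a collaborator
  // reach any agent, so the target id is validated against scopes.
  if (AGENT_TARGETED.has(rpc.method) && !connectionHasAgentAccess(c, rpc.agentId)) {
    return { ok: false, code: "FORBIDDEN" };
  }
  if (rpc.method === "agents.list") {
    return { ok: true, agents: filterAgentsForConnection(c, AGENTS) };
  }
  return { ok: true };
}
```

Removing `agent` and `agent.wait` from the assumed whitelist reproduces the gap the review flags: the scoped collaborator is rejected at the first gate before the scope check is ever reached.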
