
#23758: Skills: gate deterministic dispatch with allowTools

by bmendonca3 open 2026-02-22 17:25
size: M trusted-contributor
## Summary

- add `skills.commandDispatch.allowTools` config to explicitly allow deterministic `/skill` tool dispatch
- make deterministic `command-dispatch: tool` fail closed by default (deny-all when allowlist is unset/empty)
- keep allowlist matching policy-aware so patterns/group entries can be used

## Testing

- pnpm lint
- pnpm vitest run --config vitest.unit.config.ts src/auto-reply/reply/get-reply-inline-actions.skill-dispatch-allowlist.test.ts src/auto-reply/reply/get-reply-inline-actions.skip-when-config-empty.test.ts src/config/config.skills-entries-config.test.ts
- pnpm check *(fails on pre-existing upstream TypeScript errors unrelated to this PR)*

### Greptile Summary

Adds explicit allowlist control for deterministic skill dispatch to tools via `skills.commandDispatch.allowTools` config. This security feature fails closed by default (deny-all when unset/empty) and leverages existing policy-aware matching to support patterns and tool groups.

- Introduced `isSkillDispatchToolAllowed` function that checks `cfg.skills.commandDispatch.allowTools` and fails closed when empty
- Added check in `handleInlineActions` before executing tool dispatch at `get-reply-inline-actions.ts:203`
- Returns user-friendly error message when tool is blocked
- Comprehensive test coverage validates deny-by-default, allowlist matching, and blocking of non-allowlisted tools
- Reuses `isToolAllowedByPolicyName` for pattern matching consistency

### Confidence Score: 5/5

- This PR is safe to merge with minimal risk
- The implementation follows secure-by-default principles with fail-closed behavior, comprehensive test coverage validates all critical paths, reuses battle-tested policy matching logic, and includes proper TypeScript types and Zod schema validation
- No files require special attention

Last reviewed commit: 2f9dab1
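The fail-closed allowlist gate the PR describes, as an added TypeScript illustration that is not the project's own code: the config shape, the `group:` names and the glob semantics behind `isToolAllowedByPolicyName` are assumptions, since the page does not show them.

```typescript
// Added illustration of a fail-closed tool allowlist for deterministic /skill
// dispatch. Not the project's code; config shape and matching rules are assumed.
type SkillDispatchConfig = {
  skills?: { commandDispatch?: { allowTools?: string[] } };
};

// Hypothetical tool groups; the real project's group names are not on the page.
const TOOL_GROUPS: Record<string, string[]> = {
  "group:fs": ["read", "write", "edit"],
  "group:web": ["web_search", "web_fetch"],
};

// Turn a simple glob (only `*` is a wildcard here) into an anchored RegExp,
// escaping every other regex metacharacter so `read.v2` cannot match `readXv2`.
function globToRegExp(pattern: string): RegExp {
  const escaped = pattern
    .replace(/[.+?^${}()|[\]\\]/g, "\\$&")
    .replace(/\*/g, ".*");
  return new RegExp(`^${escaped}$`);
}

// Stand-in for the policy-aware matcher the PR reuses: exact names, `*` globs
// and `group:` entries all count as an allowlist hit.
function isToolAllowedByPolicyName(toolName: string, allow: string[]): boolean {
  return allow.some((entry) => {
    if (entry.startsWith("group:")) {
      return (TOOL_GROUPS[entry] ?? []).includes(toolName);
    }
    return globToRegExp(entry).test(toolName);
  });
}

// Fail closed: a missing, non-array or empty allowlist denies every tool.
function isSkillDispatchToolAllowed(cfg: SkillDispatchConfig, toolName: string): boolean {
  const allow = cfg.skills?.commandDispatch?.allowTools;
  if (!Array.isArray(allow) || allow.length === 0) return false;
  return isToolAllowedByPolicyName(toolName, allow);
}

// What the inline-action handler would return before running the tool:
// either proceed, or a user-facing message naming the config key to set.
function skillDispatchDecision(cfg: SkillDispatchConfig, toolName: string): string {
  return isSkillDispatchToolAllowed(cfg, toolName)
    ? `dispatching ${toolName}`
    : `Tool "${toolName}" is not allowed by skills.commandDispatch.allowTools`;
}
```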
