#23743: Auto-reply: enforce tools.allow/tools.deny on deterministic skill tool dispatch
size: M
trusted-contributor
Cluster: Tool and Plugin Enhancements
## Summary
- route deterministic skill `command-dispatch: tool` through the same tool-policy pipeline used by normal tool exposure paths
- enforce profile/global/agent/group/subagent tool policy layers before selecting a deterministic dispatch target
- keep owner-only enforcement in place and fail closed with the existing "Tool not available" reply when policy blocks a tool
- add focused unit coverage for both deny and allow paths on deterministic dispatch
## Testing
- pnpm check
- pnpm vitest run --config vitest.unit.config.ts src/auto-reply/reply/get-reply-inline-actions.skill-dispatch-tool-policy.test.ts
<h3>Greptile Summary</h3>
This PR routes deterministic skill tool dispatch through the same comprehensive tool policy pipeline used by normal agent tool exposure, closing a security gap where `tools.allow`/`tools.deny` configurations were previously bypassed.
- Applies the full policy pipeline (profile, global, agent, group, and subagent policies) before selecting a deterministic dispatch target
- Maintains owner-only enforcement and fails closed with "Tool not available" when policy blocks access
- Adds focused unit tests covering both deny and allow policy enforcement paths
<h3>Confidence Score: 5/5</h3>
- This PR is safe to merge with minimal risk
- The implementation correctly mirrors the established pattern in `pi-tools.ts:474-495`, applying owner-only filtering followed by the full tool policy pipeline. The changes close a security gap by enforcing tool policies on deterministic skill dispatch paths, and the comprehensive unit tests verify both blocking and allowing scenarios.
- No files require special attention
<sub>Last reviewed commit: 9bcbfcb</sub>
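The enforcement order described above (owner-only filtering, then every policy layer, then target selection that fails closed), as an added TypeScript sketch that is not the project's code. All type and function names, the exact-name matching, and the allow/deny semantics are assumptions made for illustration; only the "Tool not available" reply text comes from the PR summary.

```typescript
// Added illustration: all names are hypothetical, not the project's API.
type ToolPolicy = { allow?: string[]; deny?: string[] };
type Tool = { name: string; ownerOnly?: boolean; run: (args: string) => string };

// Reply text as quoted in the PR summary.
const TOOL_NOT_AVAILABLE = "Tool not available";

// One layer's verdict. Assumptions: exact-name matching, deny beats allow,
// and a present allow list (even an empty one) excludes anything not on it.
function permittedBy(policy: ToolPolicy | undefined, name: string): boolean {
  if (!policy) return true; // layer not configured
  if (policy.deny && policy.deny.some((n) => n === name)) return false;
  if (policy.allow && !policy.allow.some((n) => n === name)) return false;
  return true;
}

// Owner-only filtering first, then every policy layer must permit the tool.
function exposedTools(tools: Tool[], layers: (ToolPolicy | undefined)[], isOwner: boolean): Tool[] {
  return tools
    .filter((t) => isOwner || !t.ownerOnly)
    .filter((t) => layers.every((p) => permittedBy(p, t.name)));
}

// Deterministic dispatch resolves its target only among tools that survived
// the filter, so a blocked or unknown target fails closed.
function dispatchSkillTool(target: string, args: string, tools: Tool[],
    layers: (ToolPolicy | undefined)[], isOwner: boolean): string {
  const tool = exposedTools(tools, layers, isOwner).filter((t) => t.name === target)[0];
  return tool ? tool.run(args) : TOOL_NOT_AVAILABLE;
}

// Constructed sample tools and policy layers (profile, global, agent, group, subagent).
const sampleTools: Tool[] = [
  { name: "read", run: (a) => `read:${a}` },
  { name: "exec", run: (a) => `exec:${a}` },
  { name: "admin", ownerOnly: true, run: (a) => `admin:${a}` },
];
const sampleLayers: (ToolPolicy | undefined)[] = [
  undefined,                            // profile: not configured
  { deny: ["exec"] },                   // global
  { allow: ["read", "exec", "admin"] }, // agent
  undefined,                            // group
  undefined,                            // subagent
];
```

With the constructed layers, `exec` stays blocked even though the agent layer allows it, because a deny in any layer removes the tool before the dispatch target is looked up.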
## Most Similar PRs

| PR | Title | Author | Date | Similarity |
| --- | --- | --- | --- | --- |
| #23758 | Skills: gate deterministic dispatch with allowTools | bmendonca3 | 2026-02-22 | 86.3% |
| #23383 | Skills: gate command-dispatch tool targets and args | bmendonca3 | 2026-02-22 | 83.0% |
| #16064 | feat: add contact-based tool permissions with verification | jamiequint | 2026-02-14 | 76.5% |
| #22873 | fix(tools): enforce global inline-secret blocking for tool inputs | Kansodata | 2026-02-21 | 76.4% |
| #23582 | fix(tool-policy): add group:fs and group:runtime to group:openclaw | arosstale | 2026-02-22 | 74.1% |
| #23783 | Tools: add strict allowlist mode and fail closed on unknown entries | bmendonca3 | 2026-02-22 | 74.1% |
| #22087 | Preserve assistant reply when exec fails under suppressToolErrors | graysurf | 2026-02-20 | 74.1% |
| #19707 | fix(agents): apply per-agent skills filter to all run paths | mcaxtr | 2026-02-18 | 73.8% |
| #23754 | Skills: enforce capability manifest requirements | bmendonca3 | 2026-02-22 | 73.4% |
| #9171 | Fix: Route tool result deliveries through BlockReplyPipeline for pr... | vishaltandale00 | 2026-02-04 | 73.1% |