WIP: Add Skill Ledger activation daemon

[1570005763]

Description

WIP: adds daemon-side Skill Ledger activation refresh for SkillFS change notifications.

This PR wires skill_ledger.skillfs_notify_change into the existing agent-sec-daemon Unix socket + NDJSON registry. The handler validates SkillFS change payloads, ignores metadata-only changes, queues work into a debounced activation job, runs Skill Ledger scan/activation refresh in the daemon background worker, and keeps .skill-meta/activation.json / xattr updated without exposing a resolve CLI.

It also updates the Skill Ledger / SkillFS activation design docs to describe the implemented daemon method, response semantics, debounce/reconcile behavior, and SkillFS interface boundaries.

Related Issue

no-issue: staged daemon activation implementation.

Type of Change

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactoring (no functional change)
• Performance improvement
• CI/CD or build changes

Scope

• cosh (copilot-shell)
• sec-core (agent-sec-core)
• skill (os-skills)
• sight (agentsight)
• tokenless (tokenless)
• ckpt (ws-ckpt)
• memory (agent-memory)
• anolisa (anolisa-cli)
• Multiple / Project-wide

Checklist

• I have read the Contributing Guide
• My code follows the project's code style
• I have added tests that prove my fix is effective or that my feature works
• I have updated the documentation accordingly
• For cosh: Lint passes, type check passes, and tests pass
• For sec-core (Rust): cargo clippy -- -D warnings and cargo fmt --check pass
• For sec-core (Python): Ruff format and pytest pass
• For skill: Skill directory structure is valid and shell scripts pass syntax check
• For sight: cargo clippy -- -D warnings and cargo fmt --check pass
• For tokenless: cargo clippy -- -D warnings and cargo fmt --check pass
• For memory (Linux only): cargo clippy --all-targets -- -D warnings, cargo fmt --check, and cargo test pass
• For anolisa: cargo clippy --all-targets --locked -- -D warnings, cargo fmt --all --check, and cargo test --locked pass
• Lock files are up to date (package-lock.json / Cargo.lock)

Testing

• make python-code-pretty
• git diff --check
• TMPDIR=/tmp PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --project agent-sec-cli pytest -q -p pytest_cov.plugin -p no:cacheprovider tests/unit-test/daemon/test_skill_ledger_activation.py tests/unit-test/daemon/test_client_server.py tests/integration-test/skill-ledger/test_skill_ledger_daemon_integration.py tests/e2e/daemon/test_daemon_e2e.py
• TMPDIR=/tmp PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 uv run --project agent-sec-cli pytest -q -p pytest_cov.plugin -p no:cacheprovider tests/unit-test/skill_ledger tests/integration-test/skill-ledger
• TMPDIR=/tmp uv run --project agent-sec-cli python3 tests/e2e/skill-ledger/e2e_test.py

Additional Notes

• This PR is intentionally draft/WIP.
• Full make python-lint is not used as a gate here because the repository currently has pre-existing lint findings outside this change. The modified Python files were checked separately with ruff.
• No lockfile changes are expected for this PR.