feat(tokenless): add qwencode adapter for Qwen Code extension

[shiloong]

Description

• Add qwencode adapter with PreToolUse, PostToolUse, and BeforeModel hooks
• Support RTK command rewriting, response/TOON/schema compression, and Tool Ready checks
• Deduplicate run-hook.sh: move to common/hooks/, qwencode uses symlink
• Expand Bash matcher to cover all shell tool variants (Bash, run_shell_command, etc.)
• Add sequential:true on tool-ready for ordered execution with rewrite
• Remove unused TOKENLESS_HOST env from all hook registrations
• Adjust timeouts to match cosh baseline (rewrite 5s, others 10s)
• Add detection, installation, and uninstallation scripts
• Integrate with RPM build system and manifest configuration

Related Issue

no-issue # add qwen code extension support

Type of Change

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactoring (no functional change)
• Performance improvement
• CI/CD or build changes

Scope

• cosh (copilot-shell)
• sec-core (agent-sec-core)
• skill (os-skills)
• sight (agentsight)
• tokenless (tokenless)
• ckpt (ws-ckpt)
• memory (agent-memory)
• anolisa (anolisa-cli)
• Multiple / Project-wide

Checklist

• I have read the Contributing Guide
• My code follows the project's code style
• I have added tests that prove my fix is effective or that my feature works
• I have updated the documentation accordingly
• For cosh: Lint passes, type check passes, and tests pass
• For sec-core (Rust): cargo clippy -- -D warnings and cargo fmt --check pass
• For sec-core (Python): Ruff format and pytest pass
• For skill: Skill directory structure is valid and shell scripts pass syntax check
• For sight: cargo clippy -- -D warnings and cargo fmt --check pass
• For tokenless: cargo clippy -- -D warnings and cargo fmt --check pass
• For memory (Linux only): cargo clippy --all-targets -- -D warnings, cargo fmt --check, and cargo test pass
• For anolisa: cargo clippy --all-targets --locked -- -D warnings, cargo fmt --all --check, and cargo test --locked pass
• Lock files are up to date (package-lock.json / Cargo.lock)

Testing

Additional Notes

[Forrest-ly]

Code Review — PR #879

结论：⚠️ Approve with comments

整体设计优秀：run-hook.sh 提升到 common/ 消除重复、symlink 方案简洁、RPM 全链路覆盖完整、settings.json 去重防止双重注册。与现有适配器模式高度一致。

🔴 建议修复后合并

H1. %preun 卸载清理不够完整
当前 %preun 只调用 uninstall.sh，但对比 codex 适配器还会显式清理扩展缓存目录。建议在 %preun 中补充对 ~/.copilot-shell/extensions/ 下 tokenless 目录的兜底清理。

H2. TOKENLESS_HOST 移除需验证
从 claude-code hooks.json 移除了 TOKENLESS_HOST（3 处），请确认 common/hooks/ 下的 hook 脚本（rewrite_hook.py、compress_response_hook.py、tool_ready_hook.sh、hook_utils.py）中无对该变量的引用。可用 grep -r TOKENLESS_HOST common/hooks/ 验证。

🟡 建议改进

M1. install.sh 内嵌 ~25 行 Python 脚本可读性较低，建议抽取为 common/hooks/cleanup_settings_hooks.py

M2. detect.sh 中 co 二进制查找可能误判 — 建议对找到的 co 用 --version 输出验证是否确实是 Qwen Code

M3. rewrite timeout 5s vs Claude Code 10s — 确认差异是有意的平台适配还是遗漏

M4. install.sh 中 extensions uninstall 失败被 || true 静默吞掉 — 建议至少输出 WARNING

ℹ️ 其他

• L1: symlink 无换行符（\ No newline at end of file），某些 RPM 工具可能告警
• L3: detect.sh 中 jq 缺失标记为 install_missing，但 tool_ready_hook.sh 实际依赖它，建议改为 prereq_missing