feat(security): harden tool provenance and skill isolation

src/gateway/handlers/services.ts

@@ -99,6 +99,19 @@ export function discoverServices(
     },
   });
 
+  // Docker sandboxing (tooling subsystem)
+  services.push({
+    name: 'sandbox',
+    type: 'tool',
+    status: config.sandbox?.enabled ? 'configured' : 'not_configured',
+    description: 'Docker sandbox for high-risk tool execution',
+    metadata: {
+      enabled: config.sandbox?.enabled ?? false,
+      image: config.sandbox?.image,
+      network: config.sandbox?.network,
+    },
+  });
+
   const automation = config.automation;
 
   const automationConfigs: Array<{ enabled: boolean; name: string; description: string; itemCount?: number }> = [