feat(policy): enforce truthfulness and autonomy guardrails

Add runtime truthfulness modes and autonomy-level tool gating with audit metadata for overrides/denials.

Wire policy through prompt assembly, tool execution context, and daemon/gateway agent paths; update tests and planning state for Phase 3 PR #2 completion.

src/daemon/services.ts

@@ -14,6 +14,9 @@ import { assembleSystemPrompt } from '../prompt/index.js';
 import { resolve } from 'path';
 import { homedir } from 'os';
 import type { MemoryStore } from '../memory/store.js';
+import type { CommandRegistry } from '../commands/index.js';
+import type { ComponentRegistry } from '../intents/index.js';
+import type { RoutingPolicy } from '../routing/index.js';
 
 // ── Skills ──────────────────────────────────────────────────────
 
@@ -75,6 +78,8 @@ export function loadSystemPrompt(config: Config, skillRegistry: SkillRegistry):
   const result = assembleSystemPrompt({
     searchDirs,
     extraSections: config.prompt.extra_sections,
+    contextLevel: config.prompt.context_level,
+    truthfulnessMode: config.agents.truthfulness_mode,
   });
 
   if (result.loadedFiles.length > 0) {
@@ -123,6 +128,9 @@ export interface GatewayDeps {
   lifecycle: Lifecycle;
   getChannelAgents: () => Map<string, { orchestrator: AgentOrchestrator; collector: OutboundAttachmentCollector }> | null;
   memoryStore?: MemoryStore;
+  commandRegistry?: CommandRegistry;
+  intentRegistry?: ComponentRegistry;
+  routingPolicy?: RoutingPolicy;
 }
 
 export function createGateway(deps: GatewayDeps): GatewayServer {
@@ -142,6 +150,9 @@ export function createGateway(deps: GatewayDeps): GatewayServer {
     },
     authHttp: config.server.auth_http,
     lock: config.server.lock,
+    commandRegistry: deps.commandRegistry,
+    intentRegistry: deps.intentRegistry,
+    routingPolicy: deps.routingPolicy,
     uiDir: resolve(import.meta.dirname, '../gateway/ui'),
     config,
     channelRegistry,