docs(architecture): add trust-boundary system map diagram

docs/architecture/AGENT_DIAGRAM.md

@@ -4,6 +4,61 @@ This is a high-signal, agent-oriented view of Flynn's structure and execution fl
 
 If you're new to the codebase, start here, then jump to the referenced files.
 
+## System Map (Boundaries + Trust)
+
+This is the fastest way to understand what runs where, and where the security boundaries sit.
+
+```mermaid
+flowchart LR
+  subgraph EXT[External Systems]
+    MP[Model Providers\nAnthropic/OpenAI/Gemini/...\nvia ModelClient]
+    CH[Chat Networks\nTelegram/Discord/Slack/WhatsApp/...]
+    WEB[Web\nsearch/fetch targets]
+  end
+
+  subgraph HOST[Host (Flynn Daemon)]
+    CA[ChannelAdapters]
+    GW[Gateway\nHTTP + WS JSON-RPC + Web UI]
+    RT[Routing\ncreateMessageRouter()]
+    SM[SessionManager\nSQLite]
+    OR[AgentOrchestrator]
+    NA[NativeAgent\n(tool loop)]
+    MR[ModelRouter]
+    TP[ToolPolicy + ToolRegistry]
+    TE[ToolExecutor\nhooks + enforcement + audit]
+    MEM[Memory Store\nfiles + vector/keyword]
+    AU[Audit Logger\nredacted]
+    HS[Hooks/Autonomy\nconfirm/log/silent]
+  end
+
+  subgraph SBX[Sandbox (per-session Docker)]
+    ST[Sandboxed Tools\nshell/process/fs writes]
+    FS[Sandbox FS\nworkspace mount (scoped)]
+    NET[Sandbox Network\n(egress policy)]
+  end
+
+  CH --> CA
+  GW --> RT
+  CA --> RT
+  RT --> SM
+  RT --> OR
+  OR --> NA
+  NA --> MR
+  MR --> MP
+
+  NA --> TP
+  TP --> TE
+  TE --> HS
+  TE --> AU
+  TE --> MEM
+
+  TE -->|high-risk tools| ST
+  ST --> FS
+  ST --> NET
+
+  TE -->|web tools| WEB
+```
+
 ## Big Picture (Runtime Data Flow)
 
 ```text