refactor(core): prepare high-risk runtime owner migration

[limityan]

Draft Status

This PR is intentionally draft. The initial tool path/runtime contract migration is not meant to be submitted as a small standalone PR. The branch now also updates the architecture and implementation plan so the next work proceeds as complete high-risk owner migration blocks instead of fragmented helper/guard changes.

Current Scope

• Move provider-neutral tool path resolution, effective absolute-path checks, runtime artifact reference assembly, and path-policy root matching/denial text into bitfun-agent-tools.
• Keep bitfun-core as the runtime binding owner for ToolUseContext, workspace/runtime root lookup, containment callbacks, BitFunError mapping, concrete tools, cancellation, and Deep Review hooks.
• Add documentation gates for future high-risk owner migrations: owner design, behavior inventory, pre-migration protection, rollback boundary, validation matrix, and adversarial review.
• Reframe the remaining plan so later work is grouped into complete owner-themed PRs: tool runtime, product-domain runtime, service/agent runtime, and optional H5 feature/build-benefit evaluation.

Safety

• No product behavior, default feature, product crate feature set, build script, CI/release path, concrete tool IO, workspace service, cancellation, or Deep Review hook is changed by the current branch state.
• The plan explicitly prevents future small helper/guard PRs from being submitted as standalone runtime migration work.

Validation So Far

• cargo test -p bitfun-agent-tools
• cargo test -p bitfun-core tool_context_runtime -- --nocapture
• $env:BITFUN_BOUNDARY_CHECK_SELF_TEST='1'; node scripts/check-core-boundaries.mjs
• node scripts/check-core-boundaries.mjs
• cargo check -p bitfun-core --no-default-features
• cargo check -p bitfun-core --features product-full
• git diff --check