feat(observability): add debug/trace logging to shell tool and command policy

Shell tool now logs at debug level: command invocations, policy
allow/block decisions with reasons, exit codes, and output sizes.
Trace level adds full stdout/stderr content and risk assessment details.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

src/security/policy.rs

@@ -312,16 +312,20 @@ impl SecurityPolicy {
         approved: bool,
     ) -> Result<CommandRiskLevel, String> {
         if !self.is_command_allowed(command) {
+            tracing::debug!(command, "Shell command blocked by allowlist");
             return Err(format!("Command not allowed by security policy: {command}"));
         }
 
         let risk = self.command_risk_level(command);
+        tracing::trace!(command, ?risk, approved, "Shell command risk assessed");
 
         if risk == CommandRiskLevel::High {
             if self.block_high_risk_commands {
+                tracing::debug!(command, "Shell command blocked: high-risk disallowed by policy");
                 return Err("Command blocked: high-risk command is disallowed by policy".into());
             }
             if self.autonomy == AutonomyLevel::Supervised && !approved {
+                tracing::debug!(command, "Shell command blocked: high-risk needs approval");
                 return Err(
                     "Command requires explicit approval (approved=true): high-risk operation"
                         .into(),
@@ -334,11 +338,13 @@ impl SecurityPolicy {
             && self.require_approval_for_medium_risk
             && !approved
         {
+            tracing::debug!(command, "Shell command blocked: medium-risk needs approval");
             return Err(
                 "Command requires explicit approval (approved=true): medium-risk operation".into(),
             );
         }
 
+        tracing::debug!(command, ?risk, "Shell command allowed by policy");
         Ok(risk)
     }