[Change] Runtime adoption of safe artifact write policy

[djm81]

Why

Core can define safer init/setup behavior, but the broader trust problem remains if bundle runtime commands in specfact-cli-modules still overwrite or rewrite user-project artifacts ad hoc. To make specfact-cli issue #487 impossible by design rather than by one-off fix, bundle runtime commands that write local artifacts need to adopt the same safety contract.

What Changes

• reuse the core safe-write contract from specfact-cli in bundle runtime code
• add ownership-aware local artifact mutation for first-adopter bundle commands
• standardize backup/recovery and fail-safe conflict behavior for runtime local writes
• add regression tests proving unrelated user content survives supported runtime mutations
• document the runtime adoption pattern for future bundle authors

Acceptance Criteria

• selected bundle commands writing persistent user-project artifacts use the core safe-write helper
• runtime tests prove unrelated user content is preserved for partial-ownership writes
• unsupported merge cases fail safe instead of overwriting existing files
• compatibility and release metadata are updated as needed for the new core dependency

Dependencies

• Parent Feature: [Feature] Cross-Layer Runtime Follow-Ups #161
• Paired core change: profile-04-safe-project-artifact-writes

Related Issues/PRs

• Related bug context: bug: specfact init overwrites existing .vscode/settings.json completely specfact-cli#487

Additional Context

This sibling change exists so the design-level safety guarantee applies across bundle runtime code, not only in core init/setup.

---

OpenSpec Change Proposal: project-runtime-01-safe-artifact-write-policy