CRITICAL: Fix task permission inheritance - child config should override parent #187

@randomm

Problem

Current implementation makes subagents inherit parent permissions, but they should use their OWN config.

Current Behavior (WRONG)

  • PM spawns Developer → Developer inherits PM's permissions
  • Developer can spawn ops/explore (bypassing quality gates)

Required Behavior

  • Each agent uses its OWN permission.task config
  • Parent permissions don't affect child's delegation rights
  • Developer can only spawn adversarial-developer (per its own config)

Implementation Notes

  • Update .fork-features/manifest.json permission-bubbling feature
  • Change from inheritance model to authoritative config model
  • Each agent's permission.task config is authoritative for its delegation

Acceptance Criteria

  • Subagent's permission.task from JSON config is evaluated when THAT subagent tries to spawn another subagent
  • Parent's task permissions do not affect child's delegation rights
  • Each agent can only spawn agents explicitly allowed in its OWN config
  • Deny rules in child config are enforced even if parent has broader permissions
  • .fork-features/manifest.json updated with implementation details

Priority: HIGH - Blocking quality gate enforcement
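The difference between the two models, as an added example that is not part of the issue or the project's code: the agent names come from the issue, while the rule shape (`{ pattern: "allow" | "deny" }` with a `"*"` wildcard, exact name wins, default deny), the helper names and the delegation-chain array are assumptions made for illustration.

```javascript
// Constructed sample config. Agent names are from the issue; the rule
// shape under permission.task is an assumption, not the project's schema.
const AGENTS = {
  pm: { permission: { task: { "*": "allow" } } },
  developer: {
    permission: { task: { "*": "deny", "adversarial-developer": "allow" } },
  },
  "adversarial-developer": { permission: { task: { "*": "deny" } } },
};

// Resolve one agent's own rules: an exact name beats "*", and an agent
// with no matching rule (or no config at all) gets "deny".
function decide(agentName, target) {
  const rules = AGENTS[agentName]?.permission?.task ?? {};
  if (Object.prototype.hasOwnProperty.call(rules, target)) return rules[target];
  return rules["*"] ?? "deny";
}

// Inheritance model (the behaviour reported as wrong): a spawn succeeds if
// the spawner or any ancestor in the delegation chain allows the target.
function canSpawnInherited(chain, target) {
  return chain.some((agent) => decide(agent, target) === "allow");
}

// Authoritative model (the required behaviour): only the spawning agent's
// own permission.task is consulted; ancestors are ignored entirely.
function canSpawnAuthoritative(chain, target) {
  const spawner = chain[chain.length - 1];
  return decide(spawner, target) === "allow";
}

// Compare both models for each delegation attempt by the last agent in chain.
function audit(chain, targets) {
  return targets.map((target) => ({
    target,
    inherited: canSpawnInherited(chain, target),
    authoritative: canSpawnAuthoritative(chain, target),
  }));
}

// Developer spawned by PM: the inherited column shows the quality-gate bypass.
console.table(audit(["pm", "developer"], ["ops", "explore", "adversarial-developer"]));
```

Rows where the two columns disagree are the delegations that the inheritance model permits and the child's own deny rule should have blocked.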
