fix(desktop): reap orphaned agent processes across instances

[wpfleger96]

Problem

Orphaned sprout-agent processes accumulate across dev sessions because:

1. tauri dev Ctrl+C kills the Rust app before its system sweep completes, so agent workers spawned in their own process groups survive as orphans
2. Instance-id scoping from fix(desktop): scope agent sweep to the owning app instance #808 means a restarted instance only sweeps agents matching its own identifier — agents from a dead worktree or crashed instance are never collected
3. No periodic sweep runs during the app's lifetime, so leaks from mid-session crashes persist until the next reboot of the same instance

On a dev machine this manifests as ~100+ zombie sprout-agent processes after a few sessions, consuming memory and CPU.

Fix

Three-layer defense, one commit per layer:

1. Justfile EXIT trap (scripts/cleanup-instance-agents.sh)

Adds an EXIT trap to just dev and just staging that reaps this instance's agents via the PID-file receipts the desktop already writes (<app-data>/agents/agent-pids/<pubkey>.pid, each containing the agent's PGID). Kills by process group so the entire agent subtree is reached.

Uses PID files instead of pkill -f SPROUT_MANAGED_AGENT=... because macOS pkill -f matches only argv, not the environment — an env-marker match silently reaps nothing.

Scoping is exact: the app-data dir is keyed by bundle identifier, so a worktree's trap never touches the main checkout's agents or vice versa.

2. Dead-instance reaping on boot (runtime.rs)

Extends sweep_system_agent_processes to detect agents belonging to instance IDs whose desktop/Tauri binary is no longer running:

• Scans all user processes for SPROUT_MANAGED_AGENT=* env markers
• Groups by instance ID extracted from the marker value
• For each foreign instance: checks if a Sprout desktop binary (not any agent) with that identifier is still alive
• If no desktop is alive → reaps all that instance's agents via the existing sigterm_then_sigkill path

The desktop liveness check (desktop_is_alive_for_instance) specifically matches the Tauri/desktop binary name (sprout-desktop, Sprout) and confirms the identifier in its KERN_PROCARGS2 buffer (macOS) or /proc/<pid>/cmdline (Linux). This prevents orphaned agents from vouching for each other.

Boundary-anchored matching: The identifier match uses buffer_contains_identifier() which requires the trailing byte to be a non-identifier character (not [A-Za-z0-9._-]). This prevents xyz.block.sprout.app from false-matching inside xyz.block.sprout.app.dev — the exact prefix-collision scenario that motivated the fix.

proc_listallpids robustness: The PID enumeration loops until the buffer is confirmed large enough, preventing silent under-scanning during fork storms (the exact domain this code operates in).

3. Periodic 60s sweep (lib.rs)

Spawns a background tokio::spawn task that runs the full system sweep (including dead-instance reaping) every 60 seconds.

Two-tick grace: Same-instance orphans are only reaped after being seen orphaned on two consecutive sweeps (120s worst case). This prevents killing a legitimately-starting agent that spawned between the skip-list snapshot and the process scan — a race that recurs every 60s and widens during burst spawns.

Off the async pool: The blocking syscall work (sysctl/proc_listallpids/proc_pidinfo + the 200ms thread::sleep in sigterm_then_sigkill) runs inside spawn_blocking so it never stalls a tokio worker thread.

Closes the window where a Ctrl+C leak from a different instance ID only gets collected by the next boot of that same instance — which may never happen if the developer switches workflows.

Post-fix expected state

~100 processes under normal DMG usage is expected (4 agents × 25 at DEFAULT_AGENT_PARALLELISM=24). That's a separate discussion — this PR addresses the unbounded accumulation from dead instances.