Add agent sandbox run and WordPress ability

[chubes4]

Summary

• Adds sandbox-runtime agent-sandbox-run, a real isolated WordPress agent stack execution command rather than another boot-only probe.
• Adds packages/wordpress-plugin, a WordPress integration plugin that registers sandbox-runtime/run-agent-task for parent sites and frontend/chat agents.
• Clarifies the boundary: Data Machine Code is the mounted coding-tools component for file-editing agent sandboxes, while Sandbox Runtime owns the parent-site control plane and sandbox lifecycle.

Control-plane shape

Frontend Agent Chat
  -> Agents API
    -> WordPress ability permissioning
      -> Sandbox Runtime WordPress plugin
        -> sandbox-runtime agent-sandbox-run
          -> WordPress Playground sandbox
            -> mounted agent stack components
              -> DMC provides workspace/file/GitHub tools for coding tasks

The WordPress ability launches sandboxed work and returns structured run/artifact metadata. Apply-back remains intentionally separate and should use a reviewed, permissioned path.

Verification

• npm run build
• npm run check
• php tests/smoke-wordpress-plugin.php
• Real node packages/cli/dist/index.js agent-sandbox-run ... --task ... --code ... --wp trunk --json run passed with all four plugins active and artifacts collected.

AI assistance

• AI assistance: Yes
• Tool(s): OpenCode (GPT-5.5)
• Used for: Drafted the CLI command, WordPress ability plugin, smoke coverage, and local verification path for Chris to review.

[chubes4]

Architecture note from follow-up discussion: keep this upstream primitive in Sandbox Runtime, but do not expose the WordPress-facing ability from Data Machine Code. DMC is one component that can be mounted into a sandbox runtime; it should not also own the sandbox runtime control-plane surface. The frontend/chat ability layer should live in a dedicated Sandbox Runtime WordPress integration, with DMC available as an optional source/worktree component for repo-backed tasks.