Add terminal command lifecycle receipts and shutdown discipline #10

@mdheller

Parent standard: SocioProphet/prophet-platform-standards#12

Purpose

TurtleTerm should implement the terminal-specific portion of Host Runtime Contract v0.1. Terminal command execution must be typed, permissioned, observable, replayable, and safely cleaned up.

Required command lifecycle

planned
  -> permission_requested
  -> permission_granted | permission_denied
  -> spawned
  -> streaming
  -> exited
  -> receipt_sealed

Required events

terminal.command.planned
terminal.permission.requested
terminal.permission.granted_once
terminal.permission.denied
terminal.process.spawned
terminal.stream.output
terminal.stream.redacted
terminal.process.exited
terminal.process.killed
terminal.cwd.changed
terminal.env.exposed
terminal.file.write_detected
terminal.receipt.sealed
terminal.pty.cleanup_started
terminal.pty.cleanup_completed

Implementation scope

  • Add command receipt envelope.
  • Track cwd, argv hash, env exposure class, process group, exit status, duration, and touched files where available.
  • Add shell command risk classes.
  • Add explicit permission prompts for destructive, network, credential, host-modifying, filesystem-wide, or privileged operations.
  • Add PTY/process-group cleanup to shutdown DAG.
  • Add redaction policy for stdout/stderr diagnostics.

Acceptance criteria

  • Every agent-invoked command emits a lifecycle receipt.
  • Permission denial prevents command spawn.
  • Process group cleanup is tested.
  • Receipt sealing survives command failure.
  • stdout/stderr diagnostic export supports redaction.
  • Terminal integrates with SourceOS Shell lifecycle readiness and shutdown contract.
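
One way to enforce the lifecycle and the first four acceptance criteria above, as an added example that is not TurtleTerm's own code. The function names, the receipt field names, the SHA-256 seal, and sealing a receipt on the denied and spawn-failure paths are assumptions; it relies on POSIX process groups.

```python
import contextlib, hashlib, json, os, signal, subprocess, time

# Legal transitions from the issue's "Required command lifecycle".
NEXT = {"planned": {"permission_requested"},
        "permission_requested": {"permission_granted", "permission_denied"},
        "permission_granted": {"spawned"}, "spawned": {"streaming"},
        "streaming": {"exited"}}

def digest(obj):
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def run_with_receipt(argv, approve, cwd=".", timeout=5.0):
    """Run argv only if approve(argv) is true; always return a sealed receipt."""
    events, start, proc = ["planned"], time.monotonic(), None
    body = {"argv_sha256": digest(argv), "cwd": os.path.abspath(cwd),
            "pgid": None, "exit_status": None, "error": None}
    def step(new):  # refuse any transition the lifecycle does not allow
        if new not in NEXT.get(events[-1], ()):
            raise RuntimeError(f"illegal transition {events[-1]} -> {new}")
        events.append(new)
    try:
        step("permission_requested")
        if approve(argv):
            step("permission_granted")
            # New session: the child leads its own process group (pid == pgid).
            proc = subprocess.Popen(argv, cwd=cwd, stdout=subprocess.PIPE,
                                    stderr=subprocess.STDOUT, start_new_session=True)
            body["pgid"] = proc.pid
            step("spawned")
            step("streaming")
            try:
                out, _ = proc.communicate(timeout=timeout)
            except subprocess.TimeoutExpired:
                os.killpg(proc.pid, signal.SIGKILL)
                out, _ = proc.communicate()
            body["output_sha256"] = hashlib.sha256(out).hexdigest()
            body["exit_status"] = proc.returncode
            step("exited")
        else:
            step("permission_denied")   # no Popen call on this path
    except OSError as exc:              # spawn failure is recorded, not lost
        body["error"] = type(exc).__name__
    finally:
        if proc is not None:            # kill stragglers left in the group
            with contextlib.suppress(OSError):
                os.killpg(proc.pid, signal.SIGKILL)
        body["events"] = events + ["receipt_sealed"]
        body["duration_ms"] = int((time.monotonic() - start) * 1000)
    return {"body": body, "seal": digest(body)}
```

A verifier recomputes `digest(receipt["body"])` and compares it with `receipt["seal"]`; an unkeyed hash only detects accidental or unsophisticated modification, so a deployment that needs tamper resistance would sign or chain the seal.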
