fix(security): bind system.run approvals to argv identity

src/infra/exec-approvals.ts

@@ -15,6 +15,7 @@ export type ExecApprovalRequest = {
   id: string;
   request: {
     command: string;
+    commandArgv?: string[] | null;
     cwd?: string | null;
     nodeId?: string | null;
     host?: string | null;

src/infra/system-run-command.test.ts

@@ -21,6 +21,10 @@ describe("system run command helpers", () => {
     expect(formatExecCommand(["echo", "hi there"])).toBe('echo "hi there"');
   });
 
+  test("formatExecCommand preserves trailing whitespace in argv tokens", () => {
+    expect(formatExecCommand(["runner "])).toBe('"runner "');
+  });
+
   test("extractShellCommandFromArgv extracts sh -lc command", () => {
     expect(extractShellCommandFromArgv(["/bin/sh", "-lc", "echo hi"])).toBe("echo hi");
   });

src/infra/system-run-command.ts

@@ -35,15 +35,14 @@ export type ResolvedSystemRunCommand =
 export function formatExecCommand(argv: string[]): string {
   return argv
     .map((arg) => {
-      const trimmed = arg.trim();
-      if (!trimmed) {
+      if (arg.length === 0) {
         return '""';
       }
-      const needsQuotes = /\s|"/.test(trimmed);
+      const needsQuotes = /\s|"/.test(arg);
       if (!needsQuotes) {
-        return trimmed;
+        return arg;
       }
-      return `"${trimmed.replace(/"/g, '\\"')}"`;
+      return `"${arg.replace(/"/g, '\\"')}"`;
     })
     .join(" ");
 }