fix(kanban): gate autonomous dispatch by governance headers

[camaragon]

Summary

• gate Kanban autonomous promotion/claim/dispatch on top-of-body Approval: and Execution: headers
• allow only non-gated approvals (observe, propose, execute-safe) with worker/assigned execution to be spawnable
• add regression coverage for approval-required/self/hold/assigned mismatch behavior
• add cron prompt scanner regression so benign PR-maintenance secret-scan wording is allowed while real curl env exfil stays blocked

Test Plan

• python -m pytest tests/hermes_cli/test_kanban_db.py tests/tools/test_cron_prompt_injection.py -q -o 'addopts=' → 76 passed locally

CI note

Current PR CI has repository-baseline noise:

• test is red, but current main at 839cdd1b054a75ff1b581199a83488c8e0f2f788 is also red on the same lane.
• Compared failed-test summaries: PR has 0 PR-only failures; its 40 failed tests are a subset of main's 47 failed tests.
• ruff + ty diff failed only while posting/updating the PR lint comment with 403 Resource not accessible by integration; the lint report itself says ruff has 0 issues and ty diagnostics are warnings.

Risk

Low. Dispatcher gating is intentionally conservative for new governance headers while legacy cards without headers keep existing worker/execute-safe default behavior.

Notes

• Prepared in a clean worktree from current origin/main.
• No unrelated local dirty files included.
• No secrets found in diff scan.