Harden launcher overrides and fix opencode backend regressions

- remove codex auth mounts from opencode run/shell paths
  - reject opencode login and invalid backend values
  - harden opencode config writes against symlink clobbering
  - fix opencode build args and packages_extra handling
  - enforce cap-drop and read-only rootfs in runtime commands
  - reject dangerous runtime/build env overrides
  - update README and test docs to match actual behavior
  - extend regression coverage for backend safety and hardening

tests/opencode_localhost/.sloptrap

@@ -1,5 +1,4 @@
 name=opencode-localhost
 packages_extra=
 agent=opencode
-opencode_server=http://localhost:8080
 allow_host_network=false