Make yolo skip managed-network tool enforcement

[won-openai]

Summary

This makes DangerFullAccess / yolo tool execution fully opt out of managed-network enforcement.

Previously, yolo turns could have turn.network stripped while tool orchestration still derived enforce_managed_network=true from requirements.toml.network. That created an inconsistent state where the turn had no managed proxy attached, but tool execution still behaved like managed networking was active.

This updates the tool orchestration and JS REPL paths to treat managed networking as active only when the current turn actually has turn.network.

Behavior

• Yolo / DangerFullAccess: no managed proxy, no managed-network enforcement.
• Guardian / workspace-write with managed proxy: managed-network enforcement still applies.
• Avoids the half-state where yolo has no proxy but still gets managed-network sandbox behavior.

Tests

• just fmt
• cargo test -p codex-core danger_full_access_tool_attempts_do_not_enforce_managed_network -- --nocapture
• cargo test -p codex-core danger_full_access -- --nocapture
• just fix -p codex-core

[won-openai]

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Chef's kiss.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[dylan-hurd-oai]

cc @bolinfest for visibility as well