This adds a new agent-side process management HTTP API and rewrites the
chat execute tool to use it instead of SSH sessions.

## Agent-side changes

New `agent/agentproc/` package providing:

- `HeadTailBuffer`: Thread-safe io.Writer with bounded memory (16KB
  head + 16KB tail ring buffer). Provides LLM-ready output with
  truncation metadata and long-line truncation at 2048 bytes.

- `Manager`: Process lifecycle management using `agentexec.Execer` for
  proper OOM/nice scores. Tracks processes in a map, captures
  stdout+stderr into HeadTailBuffer, supports background processes.

- HTTP API mounted at `/api/v0/processes` following the `agentfiles`
  pattern:
  - POST /start - Start a foreground or background process
  - GET /list - List all tracked processes
  - GET /{id}/output - Get truncated output with status
  - POST /{id}/signal - Send kill/terminate signal

## SDK changes

Four new methods on the `AgentConn` interface with corresponding
request/response types: `StartProcess`, `ListProcesses`,
`ProcessOutput`, `SignalProcess`.

## Execute tool rewrite

- Switches from SSH sessions to the agent HTTP API
- Adds `workdir` parameter for setting working directory
- Adds `run_in_background` parameter for background processes
- Structured JSON response with success, exit_code, wall_duration_ms,
  error, truncated, note, and background_process_id fields
- Sets non-interactive env vars (GIT_EDITOR=true, TERM=dumb, etc.)
- File-dump detection with advisory notes suggesting read_file
- Default timeout lowered from 60s to 10s
- Output capped at 32KB for LLM consumption
- Foreground processes polled every 200ms until exit or timeout

State lives on the agent, surviving coderd failover and instance
changes. Any coderd replica can query any agent's processes via the
HTTP API over tailnet.

Critical fixes:
- All processes now use cancellable context.Background() so they
  survive the HTTP request lifecycle. Previously foreground processes
  used r.Context() and were killed when the response was written.
- Add Close() method to manager that cancels all process contexts
  and waits for them to exit. Wired into agent shutdown.
- Set cmd.WaitDelay=5s so cmd.Wait() returns promptly even when
  child processes hold pipes open.

Code quality:
- Unexport all symbols only used within the package: Process,
  Manager, NewManager, all Handle* methods, all request/response
  types in api.go.
- Eliminate type duplication: import SDK types from
  codersdk/workspacesdk instead of defining duplicates.
- Remove dead MaxBufferSize constant.
- Use sentinel errors (errProcessNotFound, errProcessNotRunning)
  instead of TOCTOU pattern in signal handler.
- Return 409 Conflict for signaling an exited process (was 500).
- UTF-8 safe output truncation via strings.ToValidUTF8.
- Consolidate ProcessOutputOptions/ProcessListOptions/
  ProcessSignalOptions into single ProcessToolOptions type.
- Use quartz.Clock instead of time.Now() for testability.

Tests (new file agent/agentproc/api_test.go):
- TestStartProcess: foreground, background, empty command,
  malformed JSON, custom workdir, custom env
- TestListProcesses: empty, mixed running/exited
- TestProcessOutput: exited, running, nonexistent
- TestSignalProcess: kill, terminate, nonexistent, already exited,
  empty signal, invalid signal
- TestProcessLifecycle: output + exit code, non-zero exit,
  start-signal-verify, output exceeding buffer, stderr captured