[SEC-2.1] Tool result sanitization boundary

Part of #1195 — Phase 2

Apply sanitization at ToolExecutor boundary. All tool outputs must carry TrustLevel metadata.

**Crates**: zeph-tools, zeph-core
**Depends on**: SEC-1.4

**Tasks**:
- [ ] `ToolResult` gains `trust_level: TrustLevel` field
- [ ] `ShellExecutor`: results tagged `LocalUntrusted`
- [ ] `WebScrapeExecutor`: results tagged `ExternalUntrusted`, extra sanitization (HTML tag stripping)
- [ ] `CompositeExecutor`: propagates trust level from inner executors
- [ ] Audit log: `tracing::info!` for each tool result with trust level and size
- [ ] Unit tests per executor type

**Files**: `crates/zeph-tools/src/lib.rs`, `crates/zeph-tools/src/shell.rs`, `crates/zeph-tools/src/web_scrape.rs`, `crates/zeph-tools/src/composite.rs`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SEC-2.1] Tool result sanitization boundary #1200

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[SEC-2.1] Tool result sanitization boundary #1200

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions