fix(policy): /policy check leaks env vars in trace and hardcodes TrustLevel::Trusted

## Context
PR #1870: `policy_commands.rs` wires `/policy check` with:
1. `std::env::vars().collect()` as policy context — real process env vars appear in the trace. On Telegram channel this could expose secrets.
2. Hardcoded `TrustLevel::Trusted` — the check command cannot simulate behavior for other trust levels.

## Fix
- Use empty env map for `/policy check` context (it's a diagnostic tool, not a live evaluation)
- Accept optional `--trust-level` argument to /policy check

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(policy): /policy check leaks env vars in trace and hardcodes TrustLevel::Trusted #1873

Context

Fix

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

fix(policy): /policy check leaks env vars in trace and hardcodes TrustLevel::Trusted #1873

Description

Context

Fix

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions