Copilot Review Comments

PR #8139 (🐛 fix: exec authz typed-nil guard + test coverage (#8137)) was merged with 3 Copilot review comment(s) that should be addressed in a follow-up:

• pkg/api/handlers/exec.go:233: In authorizePodExec, the SAR error path formats the underlying error with %v, so callers cannot recover the underlying SAR error via errors.Is/Unwrap (despite comments implying wrapping). Consider wra...
• pkg/api/handlers/exec_test.go:197: This test comment says the underlying SAR error is recoverable via errors.Is, but authorizePodExec currently formats the underlying error with %v (so errors.Is(err, sentinel) will fail). Either update...
• pkg/api/handlers/exec.go:518: The PR description states the original log messages/fields were preserved byte-for-byte, but this branch no longer logs the SAR deny reason under the structured "reason" key (it now logs a combined wr...

PR: #8139

Auto-generated by copilot-comment-followup workflow