M25.3: Anomaly detection, auto-block, and user notification

[bug-ops]

Parent: #418

Scope

Detect anomalous skill behavior and automatically block offending skills.

Tasks

• Add AnomalyDetector in zeph-tools/src/anomaly.rs with sliding-window counters per skill
• Define anomaly thresholds: consecutive failures (>=3), blocked attempts (>=2), sandbox violations (>=1)
• Integrate with AuditLogger — feed audit entries to detector after each tool execution
• On Critical anomaly: update skill_trust table to Blocked, remove from active set
• Send notification via channel: [SECURITY] Skill '{name}' blocked: {reason}
• On Warning anomaly: tracing::warn! with structured skill_name, trust_level fields
• Add skill_security_events SQLite table for event history
• Injection pattern scan on quarantined skill body at load time (configurable patterns)
• Add [security.quarantine] config section with tunable thresholds
• Tests for anomaly detection thresholds and auto-block flow

Acceptance Criteria

• Skill auto-blocked after exceeding violation threshold
• User receives channel notification on auto-block
• Security events persisted in SQLite
• Configurable thresholds via TOML