plan(ssh): add transparent SSH support design & implementation plan

Research and plan transparent SSH execution so an agent runs commands on a
remote computer as if local — the agent never learns it is using SSH.

Covers:
- How the cwd → ToolExecuteContext pipeline works today and where a
  computerId threads in (mirroring cwd end-to-end)
- The ExecBackend abstraction (spawn + fs) behind which tool-shell/
  read-file/write-file/edit-file are refactored, with LocalExecBackend
  (node) and SshExecBackend (ssh2) implementations
- Computer data model + workspace defaultComputerId + per-conversation
  override, mirroring the getEffectiveCwd resolution ladder (null = local)
- SSH connection pooling (one per computer, lazy connect, keep-alive, idle
  reaping), auth via SecretsAccess/gopass, host-key verification
- Turn loop / dispatch integration (additive optional computerId field,
  backward-compatible — absent = today's local behavior)
- LSP/MCP degrade by dropping those tools on remote turns (future: remote
  server spawn over SSH)
- API surface (computer CRUD, per-conv + workspace-default endpoints,
  chat.send gains computerId), frontend impact
- Security, edge cases, phased implementation, contract gaps reported to
  unit owners (one-owner-per-unit honored — planner does not edit others)

No code changed; planning document only. No merge or push.

0 files changed, 0 insertions, 0 deletions