[Enhancement] Tool registry and schema validation for CC tool introspection #704

@OneStepAt4time

Summary

Claude Code maintains a tool registry with ~42 tools, each having schemas, permission levels, and categorization. Aegis has no tool awareness — it treats CC as a black box. A tool registry would enable monitoring, policy enforcement, and analytics.

CC Reference

  • src/tools/ — 30+ tool directories (BashTool, FileEditTool, MCPTool, AgentTool, etc.)
  • src/Tool.ts — Base Tool type with schema, permission context, categorization
  • src/services/tools/toolHooks.ts — Tool execution with permission checks
  • src/tools/MCPTool/ — MCP tool integration

CC Architecture

  • Each tool: {name, schema (Zod), permissionLevel, category, description}
  • Tool registration: tools are registered at startup with schema validation
  • Permission context: each tool has its own permission rules
  • MCP tools: dynamically registered from MCP servers with schema introspection
  • Tool categorization: read, write, edit, bash, search, mcp, agent, etc.

Current Aegis Gap

  • Aegis has no visibility into which tools CC uses during a session
  • No way to enforce tool-level policies (e.g., "allow read but deny write")
  • No tool usage analytics or monitoring
  • No schema validation for tool inputs/outputs

Proposed Implementation

  1. Parse CC tool usage from JSONL transcript (tool_use/tool_result messages)
  2. GET /v1/sessions/:id/tools — list tools used in a session with usage counts
  3. GET /v1/tools — list all available CC tools with schemas
  4. Tool usage metrics in session status
  5. Future: tool-level permission policies per session

Priority

P3 — observability and analytics improvement
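
Step 1 of the proposed implementation, as an added example that is not code from Aegis or Claude Code: it counts calls per tool from a JSONL transcript and pairs each tool_result with its tool_use so failed and unanswered calls are visible. The transcript line shape (`message.content` blocks carrying `id`, `name`, `tool_use_id`, `is_error`), the name `summarizeToolUse`, and the sample transcript are assumptions.

```typescript
// Added example, not Aegis or Claude Code source; transcript shape is assumed (see lead-in).
type ToolStats = { calls: number; errors: number; pending: number };
type Summary = { tools: Map<string, ToolStats>; malformedLines: number };
function summarizeToolUse(jsonl: string): Summary {
  // Map, not a plain object: tool names come from the transcript and are untrusted keys.
  const tools = new Map<string, ToolStats>();
  const open = new Map<string, ToolStats>(); // tool_use id -> stats awaiting a result
  let malformedLines = 0;
  for (const line of jsonl.split("\n")) {
    if (line.trim() === "") continue;
    let entry: any;
    try {
      entry = JSON.parse(line);
    } catch (e) {
      malformedLines++; // truncated or half-written line: count it, keep going
      continue;
    }
    const blocks = entry && entry.message ? entry.message.content : undefined;
    if (!Array.isArray(blocks)) continue; // plain-text or non-message line
    for (const b of blocks) {
      if (b && b.type === "tool_use" && typeof b.id === "string" && typeof b.name === "string") {
        const s = tools.get(b.name) || { calls: 0, errors: 0, pending: 0 };
        s.calls++; s.pending++; // pending stays > 0 if no tool_result ever arrives
        tools.set(b.name, s);
        open.set(b.id, s);
      } else if (b && b.type === "tool_result" && open.has(b.tool_use_id)) {
        const s = open.get(b.tool_use_id)!;
        s.pending--;
        if (b.is_error === true) s.errors++;
        open.delete(b.tool_use_id);
      }
    }
  }
  return { tools, malformedLines };
}

// Constructed sample transcript; ids and inputs are illustrative.
const use = (id: string, name: string) =>
  JSON.stringify({ type: "assistant", message: { role: "assistant", content: [{ type: "tool_use", id, name, input: {} }] } });
const result = (id: string, isError: boolean) =>
  JSON.stringify({ type: "user", message: { role: "user", content: [{ type: "tool_result", tool_use_id: id, is_error: isError }] } });
const SAMPLE = [
  use("t1", "Read"), result("t1", false),
  use("t2", "Bash"), result("t2", true),
  use("t3", "Read"), result("t3", false),
  '{"type":"assistant","message":{"role":"assi', // truncated line
  use("t4", "Edit"), // no result recorded
].join("\n");
```

A non-zero `pending` count or `malformedLines` value at session end is worth surfacing in session status alongside the usage counts, since it marks tool calls whose outcome the transcript does not record.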
