acp: permission request flow for tool execution

**Parent**: #762

## Task

Implement `session/request_permission` flow: before executing sensitive tools, ask the IDE user for approval.

## Acceptance criteria

- [ ] Map tool kinds to permission categories (`read`, `edit`, `delete`, `execute`)
- [ ] Send `session/request_permission` with permission options (`allow_once`, `allow_always`, `reject_once`, `reject_always`)
- [ ] Cache `allow_always` / `reject_always` decisions per session
- [ ] Handle cancellation (user dismisses permission dialog)
- [ ] Integrate with existing `Channel::confirm()` pattern
- [ ] Skip permission requests for read-only operations if client capabilities indicate auto-approve

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

acp: permission request flow for tool execution #769

Task

Acceptance criteria

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

acp: permission request flow for tool execution #769

Description

Task

Acceptance criteria

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions