fix: snapshot policy at session start to prevent mid-session mutation leaks #92

@imran-siddique

Problem

ExecutionContext stores a reference to the live GovernancePolicy object (base.py line 556). If the policy is mutated mid-session — via hot-reload, compose, or direct attribute change — all active contexts immediately see the new policy, breaking determinism.

Evidence

  • create_context() (line 830): policy=self.policy passes reference, not copy
  • pre_execute() reads self.policy directly (lines 861, 875, 882, 888)
  • No version pinning, staleness detection, or snapshot mechanism exists
  • No policy_changed or version_check patterns anywhere in codebase

Proposed Solution

  1. Snapshot on session start: Deep-copy the policy in create_context()
  2. Add policy_version field to GovernancePolicy (auto-incremented on mutation)
  3. pre_execute() should compare context's pinned version against live version and log a warning if they diverge
  4. Add GovernancePolicy.snapshot() method for explicit copy

Risk Without Fix

A supply-chain or runtime attack that mutates BaseIntegration.policy silently changes enforcement for ALL active sessions — including sessions that started under the old rules.

/cc @imran-siddique
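A minimal sketch of the four proposed steps, added here as an illustration and not taken from the project's code. The class and method names follow the issue; the fields `max_tool_calls`, `blocked_tools`, `pinned_version` and `calls`, and the `(allowed, drifted)` return value, are assumptions.

```python
import copy
import logging
from dataclasses import dataclass, field

log = logging.getLogger("policy_pinning")

@dataclass
class GovernancePolicy:
    # Field names are hypothetical stand-ins for the real policy attributes.
    max_tool_calls: int = 10
    blocked_tools: list = field(default_factory=list)
    policy_version: int = 0

    def __setattr__(self, name, value):
        # Bump the version on every attribute assignment after __init__.
        initialised = "policy_version" in self.__dict__
        object.__setattr__(self, name, value)
        if initialised and name != "policy_version":
            object.__setattr__(self, "policy_version", self.policy_version + 1)

    def snapshot(self):
        # Deep copy so nested containers are detached from the live object.
        return copy.deepcopy(self)

@dataclass
class ExecutionContext:
    policy: GovernancePolicy  # pinned snapshot, not the live object
    pinned_version: int
    calls: int = 0

class BaseIntegration:
    def __init__(self, policy):
        self.policy = policy

    def create_context(self):
        snap = self.policy.snapshot()
        return ExecutionContext(policy=snap, pinned_version=snap.policy_version)

    def pre_execute(self, ctx, tool):
        # Drift is reported, but enforcement always uses the pinned snapshot.
        drifted = ctx.pinned_version != self.policy.policy_version
        if drifted:
            log.warning("policy drift: context pinned v%d, live v%d",
                        ctx.pinned_version, self.policy.policy_version)
        pinned = ctx.policy
        allowed = tool not in pinned.blocked_tools and ctx.calls < pinned.max_tool_calls
        if allowed:
            ctx.calls += 1
        return allowed, drifted
```

In this sketch an in-place change such as `policy.blocked_tools.append(...)` does not pass through `__setattr__` and so does not bump `policy_version`; the deep copy is what isolates a session, and the version comparison only detects drift caused by attribute assignment.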

Labels: bug (Something isn't working)