Clean up permission request approval flow

Replace stringly approval-attempt plumbing with a shared enum, centralize approval decision handling in the orchestrator, and document plus test the reserved PermissionRequest output fields.

Co-authored-by: Codex <noreply@openai.com>

codex-rs/hooks/schema/generated/permission-request.command.output.schema.json

@@ -28,6 +28,7 @@
         },
         "interrupt": {
           "default": false,
+          "description": "Reserved for future short-circuiting semantics.\n\nPermissionRequest hooks currently fail closed if this field is `true`.",
           "type": "boolean"
         },
         "message": {
@@ -35,10 +36,12 @@
           "type": "string"
         },
         "updatedInput": {
-          "default": null
+          "default": null,
+          "description": "Reserved for a future input-rewrite capability.\n\nPermissionRequest hooks currently fail closed if this field is present."
         },
         "updatedPermissions": {
-          "default": null
+          "default": null,
+          "description": "Reserved for a future permission-rewrite capability.\n\nPermissionRequest hooks currently fail closed if this field is present."
         }
       },
       "required": [