core: remove stale apply_patch SandboxPolicy TODO in seatbelt

The TODO in core/src/seatbelt.rs claimed that apply_patch still needed to
honor SandboxPolicy. That was true when the comment was added, but it is no
longer true.

Analysis:
- The TODO was introduced in commit 5a0ad5ab8f (PR #1762), when seatbelt code
  was split out of exec.rs.
- apply_patch sandboxing was later implemented in commit 355cded1ab
  (PR #1705: "fix: run apply_patch calls through the sandbox").
- Today, apply_patch calls are routed through the tool orchestrator and
  delegated to ApplyPatchRuntime, which executes via execute_env using the
  active sandbox attempt policy.
- On macOS, the sandbox transform path for that execution still builds
  seatbelt args with create_seatbelt_command_args(command, policy,
  sandbox_policy_cwd), so the same SandboxPolicy gates apply_patch writes and
  network behavior.

Because this behavior is already enforced, the TODO is stale and removing it
avoids implying missing sandbox coverage where none exists.

No functional behavior change; comment-only cleanup.
Michael Bolin
2026-02-10 10:51:33 -08:00
parent d9c014efce
commit 68d6db57c6


@@ -243,7 +243,6 @@ pub(crate) fn create_seatbelt_command_args(
""
};
// TODO(mbolin): apply_patch calls must also honor the SandboxPolicy.
let proxy = proxy_policy_inputs(network);
let network_policy = dynamic_network_policy(sandbox_policy, enforce_managed_network, &proxy);
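Review bot: the hunk deletes the TODO without leaving any pointer in create_seatbelt_command_args to where apply_patch sandboxing is actually enforced, so a reader of seatbelt.rs has to dig through history to learn that apply_patch is covered; since the commit message already traces it (ApplyPatchRuntime executing via execute_env, which on macOS calls create_seatbelt_command_args with the active sandbox_policy, added in PR #1705), consider replacing the TODO with a one-line note such as `// apply_patch is sandboxed through ApplyPatchRuntime/execute_env, which calls this function (see PR #1705).` rather than removing the comment outright. The remaining context lines (`proxy_policy_inputs(network)` and `dynamic_network_policy(sandbox_policy, enforce_managed_network, &proxy)`) are untouched, so the change is comment-only as the message states.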