Add initialize-time server request capabilities so app-server only sends conversational permission confirmation requests to clients that advertise support.
Unsupported clients still fail closed without changing permissions, while capable clients receive the existing request/response flow for narrow grants and preset picker requests.
Enable `request_permissions_tool` by default and add a scope hint so
conversational requests for named paths can open the permissions UI with
the requested duration selected.
Thread the suggested scope through protocol, core, app-server, and TUI
handling so broad mode changes still use the preset picker while narrow
filesystem and network grants use the granular permissions flow.
Adds a built-in `request_permissions` tool and wires it through the
Codex core, protocol, and app-server layers so a running turn can ask
the client for additional permissions instead of relying on a static
session policy.
The new flow emits a `RequestPermissions` event from core, tracks the
pending request by call ID, forwards it through app-server v2 as an
`item/permissions/requestApproval` request, and resumes the tool call
once the client returns an approved subset of the requested permission
profile.
