fix(cli): replace shell-string commands with argv arrays

Closes shell-injection attack surface in the legacy CJS layer by replacing
all user-controlled run() / runCapture() shell strings with the new argv-safe
runArgv() / runCaptureArgv() helpers. assertSafeName() guards every
user-supplied sandbox/instance/preset name before it enters any command.

bin/lib/onboard.js  -- all openshell/bash/brew calls -> runArgv;
                       file copies -> fs.cpSync/fs.rmSync (no cp shell)
bin/lib/nim.js      -- docker pull/rm/run/stop/inspect -> runArgv/runCaptureArgv;
                       assertSafeName guard on sandboxName
bin/lib/policies.js -- openshell policy get/set -> runCaptureArgv/runArgv;
                       assertSafeName on sandboxName and presetName;
                       temp policy file written with mode 0o600
bin/nemoclaw.js     -- setupSpark: remove inline NVIDIA_API_KEY=VALUE from
                       sudo argv (sudo -E already inherits env);
                       deploy: assertSafeName on instanceName;
                       sandbox connect/status/logs/destroy -> runArgv

Supersedes PRs: NVIDIA#148 (shell injection), part of NVIDIA#330 (credential leak).

Author: dumko2001

bin/lib/nim.js

@@ -3,7 +3,7 @@
 //
 // NIM container management — pull, start, stop, health-check NIM images.
 
-const { run, runCapture } = require("./runner");
+const { run, runArgv, runCapture, runCaptureArgv, assertSafeName } = require("./runner");
 const nimImages = require("./nim-images.json");
 
 function containerName(sandboxName) {
@@ -121,11 +121,12 @@ function pullNimImage(model) {
     process.exit(1);
   }
   console.log(`  Pulling NIM image: ${image}`);
-  run(`docker pull ${image}`);
+  runArgv("docker", ["pull", image]);
   return image;
 }
 
 function startNimContainer(sandboxName, model, port = 8000) {
+  assertSafeName(sandboxName, "sandbox name");
   const name = containerName(sandboxName);
   const image = getImageForModel(model);
   if (!image) {
@@ -134,12 +135,17 @@ function startNimContainer(sandboxName, model, port = 8000) {
   }
 
   // Stop any existing container with same name
-  run(`docker rm -f ${name} 2>/dev/null || true`, { ignoreError: true });
+  runArgv("docker", ["rm", "-f", name], { ignoreError: true });
 
   console.log(`  Starting NIM container: ${name}`);
-  run(
-    `docker run -d --gpus all -p ${port}:8000 --name ${name} --shm-size 16g ${image}`
-  );
+  runArgv("docker", [
+    "run", "-d",
+    "--gpus", "all",
+    "-p", `${port}:8000`,
+    "--name", name,
+    "--shm-size", "16g",
+    image,
+  ]);
   return name;
 }
 
@@ -150,7 +156,7 @@ function waitForNimHealth(port = 8000, timeout = 300) {
 
   while ((Date.now() - start) / 1000 < timeout) {
     try {
-      const result = runCapture(`curl -sf http://localhost:${port}/v1/models`, {
+      const result = runCaptureArgv("curl", ["-sf", `http://localhost:${port}/v1/models`], {
         ignoreError: true,
       });
       if (result) {
@@ -168,27 +174,27 @@ function waitForNimHealth(port = 8000, timeout = 300) {
 function stopNimContainer(sandboxName) {
   const name = containerName(sandboxName);
   console.log(`  Stopping NIM container: ${name}`);
-  run(`docker stop ${name} 2>/dev/null || true`, { ignoreError: true });
-  run(`docker rm ${name} 2>/dev/null || true`, { ignoreError: true });
+  runArgv("docker", ["stop", name], { ignoreError: true });
+  runArgv("docker", ["rm", name], { ignoreError: true });
 }
 
 function nimStatus(sandboxName) {
   const name = containerName(sandboxName);
   try {
-    const state = runCapture(
-      `docker inspect --format '{{.State.Status}}' ${name} 2>/dev/null`,
+    const state = runCaptureArgv(
+      "docker", ["inspect", "--format", "{{.State.Status}}", name],
       { ignoreError: true }
     );
     if (!state) return { running: false, container: name };
 
     let healthy = false;
-    if (state === "running") {
-      const health = runCapture(`curl -sf http://localhost:8000/v1/models 2>/dev/null`, {
+    if (state.trim() === "running") {
+      const health = runCaptureArgv("curl", ["-sf", "http://localhost:8000/v1/models"], {
         ignoreError: true,
       });
       healthy = !!health;
     }
-    return { running: state === "running", healthy, container: name, state };
+    return { running: state.trim() === "running", healthy, container: name, state: state.trim() };
   } catch {
     return { running: false, container: name };
   }