feat: add public HTTPS sandbox egress mode

[D01414531]

Description

Adds an opt-in SANDBOX_EGRESS_MODE=public_https mode for sandbox network egress. The default remains allowlist, preserving the existing package-registry allowlist behavior.

In public_https mode, the inline CONNECT proxy permits arbitrary public HTTPS hostnames on port 443 while keeping the existing private/link-local/internal IP protections and iptables enforcement in place. This supports agent workflows that need to retrieve data from public APIs without allowing sandbox processes to bypass the proxy with direct sockets.

Fixes # (no existing issue)

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update

How Has This Been Tested?

• pytest tests/unit/test_egress_proxy.py -q
• pytest tests/unit/ -q
• pytest tests/integration/ -q
• black src/ tests/unit/test_egress_proxy.py --check
• mypy src/
• bandit -r src/ -s B104,B108 --severity-level high

Additional manual validation on a self-hosted deployment:

• SANDBOX_EGRESS_MODE=public_https allowed sandboxed code to fetch https://api.github.com/rate_limit.
• The same sandboxed code received 403 Forbidden for a private RFC1918 target (https://10.0.0.2/), confirming private target blocking still applies.

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules