feat: LlmCoding panel + Burble integration + ReScript 12 fixes

LLM Coding panel (first Gossamer-target panel):
- LlmCodingModel.res: session, lock, resource, task, permission types
- LlmCodingEngine.res: state colours, health checks, lock conflicts
- LlmCodingCmd.res: Tauri invoke bridge for session management
- LlmCoding.res: TEA view with session cards, resource bars, action gating
- Rust backend: spawn Konsole+Claude, SIGSTOP/SIGCONT/SIGTERM with
  PID validation, coordination directory with 0600 permissions
- Registered in PanelSwitcherModel, PanelRegistry, View, Model, main.rs

Burble voice integration:
- BurbleModel.res: voice state types + TEA messages
- BurbleEngine.res: pure state transitions, workspace profile
- BurbleCmd.res: Tauri invoke bridge for huddle management
- Trustfile updated with LLM_CODING_SECURITY section

ReScript 12 migration fixes (pre-existing build errors):
- Replace {j|...|j} syntax with regular strings (55 occurrences)
- Fix Int.bitwiseXor/bitwiseAnd/shiftRight (use %raw JS)
- Fix String.indexOf option->int return type change
- Fix forward reference ordering in VqlModel.res
- Fix type rec / and syntax for mutually recursive types

Security:
- PID validation before all libc::kill calls
- All .unwrap() removed from llm_coding module
- File permissions 0600 on coordination files
- SAFETY comments on all unsafe blocks
- Trustfile updated with process management policy

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: hyperpolymath

.machine_readable/contractiles/trust/Trustfile.a2ml

@@ -444,6 +444,46 @@ deployment:
     K9 deployment components at Hunt trust level for the collaboration
     server. Layout presets remain at Yard level (pure config, no I/O).
 
+---
+### [LLM_CODING_SECURITY]
+description: |
+  The LLM Coding panel spawns and manages external Claude/LLM processes.
+  This section defines the security boundaries for process management.
+
+process_management:
+  spawn:
+    method: "konsole -e claude"
+    working_dir: "user-specified, validated against allowed repos"
+    task_file: "~/.claude/coordination/tasks/<session-id>.md"
+    permissions: "0600 (owner only)"
+  signals:
+    validation: "PID checked against /proc/<pid>/comm before any signal"
+    allowed_targets: ["konsole", "claude", "bash", "zsh", "node", "deno"]
+    operations: ["SIGSTOP (freeze)", "SIGCONT (thaw)", "SIGTERM (kill)"]
+  coordination:
+    directory: "~/.claude/coordination/"
+    subdirs: ["sessions/", "locks/", "tasks/", "messages/", "completed/"]
+    file_permissions: "0600 (owner read/write only)"
+    lock_type: "advisory (filesystem-based)"
+
+resource_limits:
+  per_session:
+    max_memory_mb: 4096
+    max_cpu_percent: 80
+    max_subagents: 3
+  enforcement: "resource-guardian.service monitors /proc/<pid>/status"
+  escalation: "warn → freeze (SIGSTOP) → thaw (auto on recovery) → kill (last resort)"
+
+permission_gating:
+  description: "Destructive actions require explicit supervisor approval via panel UI"
+  gated_actions:
+    - "git push (any remote)"
+    - "git force push"
+    - "file/directory deletion"
+    - "CI/CD workflow modification"
+    - "GitHub PR/issue creation"
+  policy: "deny by default, explicit approve/deny per action"
+
 ---
 ### [SIGNATURE_BLOCK]
 primary:

src-tauri/Cargo.toml

@@ -38,6 +38,7 @@ walkdir = "2"
 regex = "1"
 libc = "0.2"
 which = "7"
+uuid = { version = "1.22.0", features = ["v4"] }
 
 [dev-dependencies]
 tokio = { version = "1", features = ["macros", "rt"] }