feat: add offline agent policy report RPCs

[JOY (JOY)]

Summary

• add client-bound Nakama RPCs for offline-agent policy updates and return reports
• support safe, balanced, and risky policy profiles with low-BodyTime override and dead-body rejection
• keep high-risk Gate entry disabled server-side until explicit policy support exists
• build return reports from stored agent activity plus gameplay ledger rows, not client-generated fiction
• update ADR 0012 and the alpha backlog packet for the new RPC boundary

Verification

• npm.cmd run build in backend/nakama
• npm.cmd test in backend/nakama after build
• npx.cmd markdownlint-cli2 "CHANGELOG.md" "docs/adr/0012-nakama-rpc-boundaries.md" "docs/design/45-alpha-backlog-execution-packets.md"
• git diff --check

Local review fallback

• APPROVED: Nakama owns policy persistence and report data; no Unity package/scene changes; high-risk Gate is fail-closed; LLM output remains non-authoritative.

Covers the backend slice of #149. Unity UI wiring remains for the player-facing policy panel and report screen.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 17595f7a43

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "Codex (@codex) review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "Codex (@codex) address that feedback".

[chatgpt-codex-connector]

Accept legacy policy modes when normalizing stored policy

The new normalizeOfflineAgentPolicyProfile throws for any profile string outside safe|balanced|risky (plus two aliases), but normalizePolicy now derives policy_profile from existing policy.mode. Before this commit, normalizePolicy accepted arbitrary mode values, so older user records can legitimately contain other mode strings (for example written through historical secondspawn_soul_update calls). After this change, loading those records will fail with offline agent policy profile is not allowed, which can break context hydration and make multiple RPCs unusable for affected accounts unless a backward-compatible fallback or migration path is added.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Build return report from server-validated activity sources

secondspawn_agent_return_report is presented as server-owned reporting, but it reads directly from context.body.agent_activity and gameplay ledger rows that can be written from the client RPC secondspawn_agent_activity_add (which accepts client-provided summary and metrics). This lets a client fabricate offline outcomes in the returned report (attempt counts, fallback/model mix, reward deltas) without any authoritative validation path, violating the stated “not client-generated fiction” boundary for this feature.

Useful? React with 👍 / 👎.