fix(proxy): isolate session context by session_key and task-label header

[arniesaha]

Closes #179

What changed

• Bridge now includes session_key in the /session payload it sends to the proxy.
• Bridge also forwards x-agentweave-session-key alongside that context push so subsequent LLM requests can resolve the matching per-session forced context.
• Proxy now accepts x-agentweave-task-label as a request-level path for prov.task.label, instead of relying only on the shared session-context fallback.
• While verifying the branch, I fixed a missing task_label parameter threading bug in the proxy trace helpers that was causing a NameError in the test suite.

Why this fixes the issue

Before this change, the proxy already had _forced_session_contexts, but the OpenClaw bridge was still posting /session without session_key, so most traffic continued down the legacy global _session_context path. That meant concurrent agents could still stomp each other's task/session attribution.

This change completes the end-to-end path:

• context is stored per session_key
• requests carry that same session_key
• prov.task.label can come from a per-request header path

Tests

pytest -q sdk/python/tests/test_proxy.py

Result:

• 164 passed in 0.68s

Notes

• This keeps the legacy global path for older callers, but moves the OpenClaw bridge onto the concurrent-safe per-session-key path.