feat(sandbox): debug-gated L7 egress request/response header logging

[vessux]

Summary

Adds DEBUG-gated, secret-free L7 egress request/response header logging to the in-container supervisor, plus the activation path to reach it. Enables capturing billing-relevant headers (anthropic-beta/oauth-2025-04-20 on requests; anthropic-ratelimit-unified-* incl. overage-status on responses) for testing — without leaking anything in normal runs.

Fast-forwards onto main (4 commits appended; no rewrite).

Related Issue

Fork delta tracked downstream in openlock (bd openlock-dlv). No upstream issue.

Changes

• l7/rest.rs: behind tracing::enabled!(DEBUG) (off by default), log anthropic-beta on the request and the anthropic-ratelimit-* / overage-status family on the response. Never logs Authorization or any credential. Header value is embedded in the message string (the shorthand layer drops structured fields for non-OCSF events).
• main.rs: the rolling file log layer now follows the configured level (floored at info), so --log-level debug surfaces the debug header lines in /var/log/openshell.*.log (previously hardcoded to info). Adds a unit-tested file_log_level helper.
• cli: --log-level on openshell sandbox create sets SandboxSpec.log_level (existing proto field; drivers already pass it through as OPENSHELL_LOG_LEVEL).

No proto field-number changes.

Testing

• cargo test -p openshell-sandbox (incl. file_log_level helper) — pass
• cargo clippy -p openshell-sandbox and -p openshell-cli --all-targets --features openshell-prover/bundled-z3 — clean
• Live e2e (macOS/podman): real claude_code completion through the cred-injected proxy; captured anthropic-beta: …,oauth-2025-04-20,… and anthropic-ratelimit-unified-overage-status: rejected via openlock logs.

Checklist

• Conventional commits
• No secrets logged (headers only; never Authorization)
• Debug-gated / off by default
• No proto field-number collisions