Fix CodeQL security alerts / 修复 CodeQL 安全告警

[SivanCola]

Summary

• Harden archive extraction against traversal and unsafe symlink targets.
• Reject HTTP shell shortcuts and constrain session resume paths to the session directory.
• Scope frontend file references to workspace-relative paths and tighten checkpoint path containment.

Verification

• go test ./internal/codegraph ./internal/control ./internal/serve ./internal/checkpoint ./internal/agent ./internal/fileutil
• CodeQL Go code-scanning suite: 0 results

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9be176aa2b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".