feat: secure daemon access and add native list/register #24

Open
kuverabridge wants to merge 1 commit into nashsu:main from kuverabridge:codex/autocli-daemon-auth-list-register

@kuverabridge

Summary

This PR closes two gaps between the current implementation and the documented agent workflow:

  1. Secure the local browser daemon with token-based auth and tighter access rules
  2. Add native autocli list and autocli register subcommands

Changes

  • add persistent daemon token generation/loading under ~/.autocli/daemon-token
  • require the daemon token on /status and /command
  • remove permissive daemon-wide CORS behavior
  • restrict daemon WebSocket upgrades to browser extension origins
  • make the daemon client automatically send the daemon token
  • add native autocli list to render discovered adapters and registered external CLIs
  • add native autocli register to upsert entries into ~/.autocli/external-clis.yaml
  • add external CLI name collision and binary existence validation
  • keep the browser extension protocol on the default upstream daemon port (19825)

Validation

  • npm run build in extension/
  • cargo check -q
  • cargo test -q -p autocli-browser -p autocli-external -p autocli

Notes

  • current upstream docs already reference autocli list / autocli register, so this brings the CLI surface in line with the documented agent workflow
  • daemon hardening is intentionally minimal and local-first: token auth for HTTP calls plus extension-origin checks for the WebSocket bridge
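
The two gates this description names (a persistent token checked on HTTP calls, and an origin check on WebSocket upgrades) can be sketched as below. This is an added example, not code from this PR or from autocli. Assumptions: the function names, the 32-byte hex token format, the idea that the token arrives as a single header value, the two accepted extension schemes, and the temp-directory path used in `main` in place of `~/.autocli/daemon-token`.

```rust
use std::fs::{self, OpenOptions, Permissions};
use std::io::{Read, Write};
use std::os::unix::fs::{OpenOptionsExt, PermissionsExt};
use std::path::Path;

/// Load the persistent token, or create it (owner-only, 0600) on first use.
/// Assumed format: 32 bytes from the OS CSPRNG, hex-encoded (64 chars).
fn load_or_create_token(path: &Path) -> std::io::Result<String> {
    if let Ok(s) = fs::read_to_string(path) {
        if s.trim().len() == 64 { return Ok(s.trim().to_string()); }
    }
    let mut raw = [0u8; 32];
    fs::File::open("/dev/urandom")?.read_exact(&mut raw)?;
    let token: String = raw.iter().map(|b| format!("{:02x}", b)).collect();
    if let Some(dir) = path.parent() { fs::create_dir_all(dir)?; }
    let mut f = OpenOptions::new().write(true).create(true).truncate(true)
        .mode(0o600).open(path)?;
    fs::set_permissions(path, Permissions::from_mode(0o600))?; // tighten a pre-existing file
    f.write_all(token.as_bytes())?;
    Ok(token)
}

/// Compare every byte, so timing does not reveal how long a matching prefix is.
fn token_matches(expected: &str, presented: &str) -> bool {
    let (a, b) = (expected.as_bytes(), presented.as_bytes());
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

/// Gate for /status and /command (header name is left to the caller: assumption).
fn authorize_http(expected: &str, header: Option<&str>) -> bool {
    header.map_or(false, |h| token_matches(expected, h)) // missing header is rejected
}

/// Gate for the WebSocket upgrade: extension-scheme Origin with a non-empty id.
fn ws_origin_allowed(origin: Option<&str>) -> bool {
    const SCHEMES: [&str; 2] = ["chrome-extension://", "moz-extension://"]; // assumed set
    origin.map_or(false, |o| SCHEMES.iter().any(|s| {
        o.strip_prefix(*s).map_or(false, |id| {
            !id.is_empty() && id.chars().all(|c| c.is_ascii_alphanumeric() || c == '-')
        })
    }))
}

fn main() -> std::io::Result<()> {
    // Constructed demo path; the PR stores the token under ~/.autocli/daemon-token.
    let path = std::env::temp_dir().join("autocli-example").join("daemon-token");
    let token = load_or_create_token(&path)?;
    println!("header ok: {}", authorize_http(&token, Some(&token)));
    println!("web origin: {}", ws_origin_allowed(Some("https://example.com")));
    Ok(())
}
```

The origin check stops ordinary web pages from opening the bridge, but a local non-browser process can set any `Origin` value, so the file mode on the token is what separates local users from each other.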
