
fix(team): enforce per-team coordinator authz #219

Merged
yairfalse merged 1 commit into main from feature/monster-c2-team-authz
May 26, 2026

Conversation

@yairfalse
Collaborator

Summary

  • keep SYKLI_COORDINATOR_TOKEN as the admin/owner bootstrap token and add stateless HMAC-signed team tokens carrying org, team, and role claims
  • add sykli coordinator mint-token --org --team --role for owner/member/approver team tokens
  • make Auth.authorize/2 return a principal and enforce tenant scope across coordinator lists, reads, writes, daemon sessions, work items, runs, and gates
  • require owner/approver/admin for gate decisions and reject member decisions with coordinator.forbidden
  • document the auth model, forbidden error code, and current no-expiry/rotation limitation

Audit note

Verified the old S2 finding was real: Auth.authorize/2 accepted only one global bearer token and returned :ok, while router list filters trusted client-supplied team IDs. This PR closes that by resolving signed team-token principals to concrete org/team IDs and intersecting or rejecting client filters instead of widening access.

Verification

  • cd core && mix test
  • cd core && mix credo
  • cd core && mix escript.build
  • test/blackbox/run.sh

Blackbox result: 168 passed, 0 expected-red, 0 failed.

Follow-up

  • Team tokens are stateless and currently have no expiry claim. Rotation is by changing the coordinator signing/admin token; explicit expiry/revocation can be added separately.

Keep the coordinator bootstrap token as admin access, add stateless signed team tokens with org/team/role claims, and enforce those scopes across coordinator reads and writes.

Add mint-token CLI support, gate decision role checks, docs, and black-box coverage for query widening.

Co-Authored-By: Codex <codex@openai.com>
@yairfalse yairfalse merged commit 9c5b7dc into main May 26, 2026
12 checks passed
@yairfalse yairfalse deleted the feature/monster-c2-team-authz branch May 26, 2026 21:04
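The PR description above sketches the model (a bootstrap admin token, stateless HMAC-signed team tokens carrying org/team/role claims, scope intersection instead of widening, and role checks on gate decisions) without showing code. The following is an added illustration in Python of that model, written for this page; it is not the project's own Elixir code, and the names `mint_token`, `authorize`, `team_filter`, `decide_gate`, the `AuthError`/`Forbidden` classes, the `coordinator.unauthorized` code and the assumption that the signing key is the admin token itself are all assumptions. The `unsafe_team_filter_before_fix` function reproduces the pre-fix behaviour the audit note describes, for contrast.

```python
"""Stateless HMAC-signed team tokens plus tenant-scope enforcement.

Added illustration of the authz model described in PR #219. The project is
Elixir; this is not its code, and the names below are assumed.
"""
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional

# Constructed values. A real deployment reads SYKLI_COORDINATOR_TOKEN from the
# environment; here the signing key is assumed to be derived from the admin
# token, matching the PR's note that rotation is by changing that token.
ADMIN_TOKEN = "bootstrap-admin-token-constructed"
SIGNING_KEY = ADMIN_TOKEN.encode()
TEAM_ROLES = {"owner", "member", "approver"}
GATE_DECIDER_ROLES = {"owner", "approver", "admin"}


class AuthError(Exception):
    code = "coordinator.unauthorized"  # assumed; the PR only names coordinator.forbidden


class Forbidden(AuthError):
    code = "coordinator.forbidden"


@dataclass(frozen=True)
class Principal:
    role: str
    org: Optional[str] = None   # None on the admin principal: unscoped
    team: Optional[str] = None


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(org: str, team: str, role: str, key: bytes = SIGNING_KEY) -> str:
    """Stand-in for `sykli coordinator mint-token --org --team --role`.
    Claims are signed, not encrypted, and deliberately carry no expiry."""
    if role not in TEAM_ROLES:
        raise ValueError(f"unknown role {role!r}")
    claims = json.dumps({"org": org, "team": team, "role": role},
                        sort_keys=True, separators=(",", ":")).encode()
    payload = _b64(claims)
    sig = hmac.new(key, payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64(sig)}"


def authorize(bearer: str, admin_token: str = ADMIN_TOKEN,
              key: bytes = SIGNING_KEY) -> Principal:
    """Resolve a bearer token to a principal (the role of Auth.authorize/2).
    The admin token is compared in constant time; anything else must be a
    correctly signed team token, verified before its claims are parsed."""
    if hmac.compare_digest(bearer.encode(), admin_token.encode()):
        return Principal(role="admin")
    parts = bearer.split(".")
    if len(parts) != 2:
        raise AuthError("malformed token")
    payload, sig = parts
    try:
        given = _unb64(sig)
        expected = hmac.new(key, payload.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(given, expected):
            raise AuthError("bad signature")
        claims = json.loads(_unb64(payload))
    except ValueError as exc:  # covers base64, utf-8 and JSON decode failures
        raise AuthError("undecodable token") from exc
    if claims.get("role") not in TEAM_ROLES or not claims.get("org") or not claims.get("team"):
        raise AuthError("invalid claims")
    return Principal(role=claims["role"], org=claims["org"], team=claims["team"])


def team_filter(principal: Principal, requested: Optional[list]) -> Optional[set]:
    """Narrow a client-supplied team filter to the principal's scope.
    None means "no restriction" and is only ever returned for admin. A scoped
    principal asking for teams outside its token is rejected, never widened."""
    if principal.role == "admin":
        return None if requested is None else set(requested)
    allowed = {principal.team}
    if requested is None:
        return allowed
    wanted = set(requested)
    if not wanted <= allowed:
        raise Forbidden("filter outside token scope")
    return wanted & allowed


def unsafe_team_filter_before_fix(requested: Optional[list]) -> Optional[set]:
    """Pre-fix behaviour from the audit note: authorize returned only :ok, so
    the list filter trusted whatever team IDs the client supplied."""
    return None if requested is None else set(requested)


def decide_gate(principal: Principal, org: str, team: str, decision: str) -> dict:
    """Gate decisions need owner/approver/admin and must stay inside the tenant."""
    if principal.role not in GATE_DECIDER_ROLES:
        raise Forbidden("members cannot decide gates")
    if principal.role != "admin" and (principal.org, principal.team) != (org, team):
        raise Forbidden("gate belongs to another tenant")
    return {"org": org, "team": team, "decision": decision, "by": principal.role}


def error_code(fn, *args) -> Optional[str]:
    """Return the error code an operation raises, or None if it succeeds."""
    try:
        fn(*args)
    except AuthError as exc:
        return exc.code
    return None
```

The point of `team_filter` is the one the audit note makes: the server resolves scope from the signed claims and then intersects the client's filter with it, so a member token for `blue` can list `blue` or nothing, but a request for `["blue", "red"]` fails with `coordinator.forbidden` rather than quietly returning both. Because the payload is signed but has no expiry claim, a minted token stays valid until the signing key changes, which is exactly the limitation the follow-up section records.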