feat: add agent-device proxy command

[thymikee]

Summary

Adds agent-device proxy to expose a local daemon HTTP endpoint through cloudflared/ngrok-friendly routes, with --host/--port flags and token rewriting to the upstream daemon.

Adds daemon/proxy /health version metadata with rpcProtocolVersion so remote clients can reject incompatible RPC protocol versions before sending commands. Documents the bump policy in ADR 0006.

Adds provider integration coverage for remote client RPC/proxy passthrough and updates HTTP health contract tests.

Validation

Passed focused CLI/proxy/client unit tests, provider HTTP/proxy integration tests with real loopback, daemon HTTP smoke test, typecheck, oxlint, rslib build, oxfmt, and diff whitespace checks.

[github-actions]

Size Report

Metric	Base	Current	Diff
JS raw	1.3 MB	1.3 MB	+10.3 kB
JS gzip	427.6 kB	431.1 kB	+3.5 kB
npm tarball	562.3 kB	565.7 kB	+3.4 kB
npm unpacked	1.9 MB	1.9 MB	+10.3 kB

Startup median (7 runs, lower is better):

Scenario	Base	Current	Diff
CLI --version	21.7 ms	21.8 ms	+0.0 ms
CLI --help	35.1 ms	35.7 ms	+0.6 ms

Top changed chunks:

Chunk	Raw diff	Gzip diff
dist/src/2577.js	+78.8 kB	+25.5 kB
dist/src/cli.js	+6.2 kB	+2.1 kB
dist/src/cli-help.js	+867 B	+288 B
dist/src/9919.js	+1.1 kB	+233 B
dist/src/9873.js	+320 B	+76 B

[thymikee]

CI is blocked on two actionable items before review:

• pnpm test:integration:progress:check reports new unclassified public CLI flags: proxyHost, proxyPort. Please classify them in the progress script bucket that owns proxy/transport-style flags, or add the intended provider-backed coverage if they should be exercised there.
• pnpm check:fallow --base origin/main is failing on new complexity/size findings, led by src/daemon-client-lifecycle.ts:startLocalDaemon and test/integration/provider-scenarios/remote-daemon-client.test.ts. Please split/trim those paths or otherwise address the Fallow gate.

The iOS Smoke failure is in Prepare iOS runner and also appears on #842, so I would treat that as likely shared runner infra until the PR-actionable checks are fixed.

[github-actions]

PR Preview Action v1.8.1
Preview removed because the pull request was closed.
2026-06-23 15:20 UTC

[thymikee]

CI is now down to the iOS Boot iOS test simulator smoke failure from before #845 landed. Since #845 is merged on main, please rebase/update this branch or rerun CI so the workflow picks up the boot-timeout fix.