The review correctly identified that enforce_permission_check() was defined
but never called. This commit:
- Adds enforcer: Option<PermissionEnforcer> field to GlobalToolRegistry
and SubagentToolExecutor
- Adds set_enforcer() method for runtime configuration
- Gates both execute() paths through enforce_permission_check() when
an enforcer is configured
- Default: None (Allow-all, matching existing behavior)
Resolves the dead-code finding from ultraclaw review sessions 3 and 8.
f25363e45d