SHA-1 is cryptographically broken and vulnerable to collision
attacks. Replace all internal usages with SHA-256:
- sandbox session key slugs (shared.ts)
- sandbox config change detection (config-hash.ts)
- tool call ID generation (tool-call-id.ts)
- gateway lock file naming (gateway-lock.ts)
All hashes are ephemeral (session-scoped slugs, lock filenames,
tool IDs) so the algorithm change has no persistence impact.
Fixes#2994
