Previously, matchAllowlist() skipped all patterns without path separators
(like 'pwd', 'ls', 'date'), making it impossible to allowlist commands by
their simple executable name. The bug was caused by 'if (!hasPath) continue;'
which short-circuited before matching against executableName.
Now simple patterns match against executableName, and path-based patterns
fallback to rawExecutable when resolvedPath is undefined.
When creating exec tools via chat/Discord, agentId was not passed,
causing allowlist lookup to use 'default' key instead of 'main'.
User's allowlist entries in agents.main were never matched.
Now derives agentId from sessionKey if not explicitly provided,
ensuring correct allowlist lookup for all exec paths.