pass giteaRepo to agent runner; add runner secret auth on PATCH

- Sessions route now reads giteaRepo from project.data and forwards it
  to /agent/execute so the runner can clone/update the correct repo
- PATCH route now validates x-agent-runner-secret header to prevent
  unauthorized session output injection

Made-with: Cursor

app/api/projects/[projectId]/agent/sessions/[sessionId]/route.ts

@@ -64,10 +64,14 @@ export async function PATCH(
 ) {
   /**
    * Internal endpoint called by vibn-agent-runner to append output lines
-   * and update status. Not exposed to users directly.
-   *
-   * Body: { status?, outputLine?, changedFile? }
+   * and update status. Requires x-agent-runner-secret header.
    */
+  const secret = process.env.AGENT_RUNNER_SECRET ?? "";
+  const incomingSecret = req.headers.get("x-agent-runner-secret") ?? "";
+  if (secret && incomingSecret !== secret) {
+    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+  }
+
   try {
     const { sessionId } = await params;
     const body = await req.json() as {