fix(broker): allow term-llm-reviewer image tag in build policy (#35)

Add term-llm-reviewer: prefix to the allowed image tags list alongside
term-compiler: and ghcr.io/ prefixes. This fixes the policy violation
error when building LLM reviewer images for agent evaluation.

Author: echobt

crates/secure-container-runtime/src/broker.rs

@@ -876,9 +876,12 @@ impl ContainerBroker {
         use bollard::image::BuildImageOptions;
 
         // Verify policy allows building this tag
-        // For now, only allow term-compiler images or specific tags
+        // Allow term-compiler, term-llm-reviewer, and ghcr.io images
         // This is a basic check, could be expanded in SecurityPolicy
-        if !tag.starts_with("term-compiler:") && !tag.starts_with("ghcr.io/") {
+        if !tag.starts_with("term-compiler:")
+            && !tag.starts_with("term-llm-reviewer:")
+            && !tag.starts_with("ghcr.io/")
+        {
             let err = format!("Image tag not allowed: {}", tag);
             self.audit(
                 AuditAction::ImageBuild,