Add example policy pack: sql-explorer (read-only database agent)

[saivedant169]

Problem

Data analysts and BI teams want to give a coding agent read-only access to a database so it can answer questions. None of our shipped policy packs fit this case cleanly. readonly.yaml blocks too much (no shell at all), pr-writer.yaml is tuned for code not data, and infra-review.yaml is too permissive.

Acceptance criteria

• New file: starter-kit/policies/sql-explorer.yaml
• Allows: sql.select (always), github.list_*, github.get_* (for finding schemas in a repo)
• Reviews: sql.insert, sql.update (with WHERE clause)
• Blocks: sql.delete, sql.drop_*, sql.truncate, sql.grant, sql.revoke, any shell command except read-only ones, any GitHub write
• Default decision: block
• Header comment explains when to use this pack (BI agents, data exploration, read-only analytics)
• Tuning notes file at starter-kit/policies/sql-explorer-tuning-notes.md
• Added to starter-kit/README.md policy pack list

Files to create or touch

• starter-kit/policies/sql-explorer.yaml (new)
• starter-kit/policies/sql-explorer-tuning-notes.md (new)
• starter-kit/README.md

How to test locally

./bin/aegisctl policy-pack show sql-explorer
# Should print the rules

./bin/aegisctl test-action --dry-run --protocol sql --tool sql.select --target prod
# Expected: allow

./bin/aegisctl test-action --dry-run --protocol sql --tool sql.drop_table --target prod
# Expected: block

Notes

Look at starter-kit/policies/pr-writer.yaml for the format. Keep it short and opinionated. The --dry-run flag is currently in issue #83; if it is not merged yet, test against a running server instead.