
fix: strip project discovery from system prompt to prevent wrong-channel minion routing#61

Merged
chubes4 merged 1 commit into main from fix/minion-routing-pollution
Apr 23, 2026

Conversation

@chubes4 (Member) commented Apr 23, 2026

Summary

Agents running under the dm-context-filter plugin could still discover other Discord channel IDs and spawn minion sessions there, violating the "one agent per Discord channel" boundary. Refs Extra-Chill/data-machine-code#49.

The existing filter stripped the ## cross-project commands section, but three residual vectors let channel IDs leak back into the system prompt:

  1. ## reading other sessions — documented kimaki session list --project /path/to/project and kimaki session search --channel <channel_id>. Direct project-and-channel discovery surface.
  2. Project-discovery inlines — stray kimaki project list|add|create, kimaki send --project, and bare kimaki send --channel <channel_id> examples scattered across surviving sections (scheduled sends, opencode commands, handoff instructions).
  3. No positive counter-instruction — once the agent learned a channel ID some other way (training data, kimaki --help, another agent mentioning it), nothing told it not to use that ID.

What this PR changes

kimaki/plugins/dm-context-filter.ts:

  • Strip ## reading other sessions as a whole section. On a single-project fleet server the agent only ever needs kimaki session list (no flags) for the current project — the flag-heavy documentation is pure leakage.
  • Add stripProjectDiscoveryInlines() to catch surviving lines that reference kimaki project list|add|create, kimaki send --project <dir>, or kimaki send --channel <channel_id> (literal placeholder; the current-channel ${channelId} form is substituted to a concrete numeric ID before the plugin runs, so it never matches and stays intact).
  • Inject ## Minion Session Routing at the end of the system prompt. Positive defense-in-depth instruction: all minion sessions stay in the current channel; cross-repo work uses kimaki send --cwd /path/to/repo (same channel, different checkout) or Data Machine Code's workspace worktrees.

Updated the header comment block to document items 10 and 11 (reading-other-sessions + project-discovery inlines) and the new positive-injection behavior.

Verification

  • Regex patterns targeted against the exact strings in kimaki/cli/src/system-message.ts (line 635 for session search --channel <channel_id>, lines 652-670 for the ## cross-project commands block, line 667 for kimaki send --channel <channel_id>).
  • The ${channelId} template variable is substituted before experimental.chat.system.transform runs, so the current session's baked-in channel ID (numeric, e.g. 1493345787894038649) does not match the <channel_id> placeholder regex; current-channel examples in ## starting new sessions from CLI are preserved.
  • Conservative line-level regexes — each pattern anchors on a full line starting with kimaki <verb> to avoid mangling prose that happens to mention --project or --channel.

AI assistance

  • AI assistance: Yes
  • Tool(s): Claude Code (Sonnet 4.5)
  • Used for: Drafted the two new helper functions (stripProjectDiscoveryInlines, appendMinionRoutingInstruction), updated the header-comment block, and composed this PR body. Chris reviewed the regex patterns against the actual system-prompt source in kimaki/cli/src/system-message.ts and verified the existing filter coverage before adding the new strips.
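The line-anchored filtering the PR describes, as an added example that is not the dm-context-filter plugin's own code: a toy version of stripProjectDiscoveryInlines() and appendMinionRoutingInstruction() run over a constructed sample prompt, followed by a post-filter check that no Discord channel ID other than the current one survives. The regexes, the section-stripping logic, the routing text and the sample prompt are all assumptions; only the function names, the section headings and the example channel ID come from the PR description.

```typescript
// Added example, not the plugin's code. Heading strings and regexes are assumptions.

/** Sections dropped wholesale (heading compared case-insensitively). */
const STRIPPED_SECTIONS: string[] = ["## cross-project commands", "## reading other sessions"];

/**
 * Inline discovery patterns. Each anchors on a whole line beginning with
 * `kimaki <verb>`, so prose that merely mentions --project or --channel is kept.
 * The <channel_id> placeholder is matched literally: by the time the filter runs,
 * the current channel's ID is already a concrete number, so those lines survive.
 */
const DISCOVERY_LINE_PATTERNS: RegExp[] = [
  /^\s*kimaki\s+project\s+(?:list|add|create)\b/,
  /^\s*kimaki\s+send\b.*\s--project\b/,
  /^\s*kimaki\s+send\b.*\s--channel\s+<channel_id>/,
];

/** Remove one `## heading` section: the heading line and everything up to the next `## `. */
function stripSection(prompt: string, heading: string): string {
  const target = heading.trim().toLowerCase();
  let skipping = false;
  return prompt
    .split("\n")
    .filter((line) => {
      if (/^##\s/.test(line)) {
        // A new top-level section starts here; decide whether to skip it.
        skipping = line.trim().toLowerCase() === target;
      }
      return !skipping;
    })
    .join("\n");
}

/** Drop any surviving line that matches one of the discovery patterns. */
function stripProjectDiscoveryInlines(prompt: string): string {
  return prompt
    .split("\n")
    .filter((line) => !DISCOVERY_LINE_PATTERNS.some((re) => re.test(line)))
    .join("\n");
}

// Positive counter-instruction appended after the strips (wording is an assumption).
const MINION_ROUTING_SECTION: string = [
  "## Minion Session Routing",
  "",
  "All minion sessions stay in the current Discord channel.",
  "To work in a different checkout, use kimaki send --cwd /path/to/repo",
  "(same channel, different directory). Never target another channel ID.",
].join("\n");

function appendMinionRoutingInstruction(prompt: string): string {
  return prompt.trimEnd() + "\n\n" + MINION_ROUTING_SECTION + "\n";
}

/** Full pipeline: section strips, then inline strips, then the routing section. */
function filterSystemPrompt(prompt: string): string {
  let out = prompt;
  for (const heading of STRIPPED_SECTIONS) out = stripSection(out, heading);
  out = stripProjectDiscoveryInlines(out);
  return appendMinionRoutingInstruction(out);
}

/**
 * Defender-side check: the only snowflake-shaped ID (17-20 digits) left in the
 * prompt should be the current channel's. Returns any others that remain.
 */
function foreignChannelIds(prompt: string, currentChannelId: string): string[] {
  const ids: string[] = prompt.match(/\b\d{17,20}\b/g) ?? [];
  return Array.from(new Set(ids)).filter((id) => id !== currentChannelId);
}

// Constructed sample prompt (not the real kimaki system message); the "current"
// channel ID is the example value from the PR description.
const CURRENT_CHANNEL_ID = "1493345787894038649";
const SAMPLE_PROMPT: string = [
  "## starting new sessions from CLI",
  "",
  `kimaki send --channel ${CURRENT_CHANNEL_ID} "run the tests"`,
  'kimaki send --cwd /path/to/other-repo "run the tests there"',
  "",
  "## cross-project commands",
  "",
  "kimaki project list",
  'kimaki send --project /path/to/other-project "hello"',
  "",
  "## reading other sessions",
  "",
  "kimaki session list --project /path/to/project",
  'kimaki session search --channel <channel_id> "query"',
  "",
  "## scheduled sends",
  "",
  "Prose that mentions --channel or --project is left alone.",
  'kimaki send --channel <channel_id> "later"',
  "kimaki session list",
].join("\n");

const FILTERED: string = filterSystemPrompt(SAMPLE_PROMPT);
console.log(FILTERED);
```

The foreignChannelIds() check is the part worth keeping around in a test suite: the strips are only as good as their regexes, and a numeric ID from another channel slipping through the transform is exactly the failure the PR is closing.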

Agents running under the dm-context-filter plugin could still discover
other Discord channel IDs and route minion sessions there, even with the
existing '## cross-project commands' section stripped. The section
stripper missed three residual vectors:

- '## reading other sessions' documented 'kimaki session list --project'
  and 'kimaki session search --channel <channel_id>'.
- Stray 'kimaki project list|add|create' / 'kimaki send --project' /
  bare 'kimaki send --channel <channel_id>' examples in surviving
  sections (scheduled sends, opencode commands, etc.).
- No positive instruction steering the agent back to the current channel
  once it learned a channel ID some other way (--help, training data,
  another agent's mention).

This fix:

1. Strips '## reading other sessions' as a whole section.
2. Adds stripProjectDiscoveryInlines() to remove surviving
   kimaki project / --project / --channel <channel_id> lines.
3. Appends '## Minion Session Routing' with a positive instruction:
   all minion sessions stay in the current channel; --cwd targets a
   different repo directory without changing channels.

Refs Extra-Chill/data-machine-code#49.
@chubes4 chubes4 merged commit 2268406 into main Apr 23, 2026
2 checks passed
@chubes4 chubes4 deleted the fix/minion-routing-pollution branch April 23, 2026 20:28