
fix(detection): symlinked path detection #59

Merged
ashishkurmi merged 3 commits into step-security:main from swarit-stepsecurity:swarit/fix/agent-path
May 5, 2026
@swarit-stepsecurity
Member

What does this PR do?

Type of change

  • Bug fix
  • Enhancement
  • Documentation

Testing

  • Tested on macOS (version: ___)
  • Binary runs without errors: ./stepsecurity-dev-machine-guard --verbose
  • JSON output is valid: ./stepsecurity-dev-machine-guard --json | python3 -m json.tool
  • No secrets or credentials included
  • Lint passes: make lint
  • Tests pass: make test

Related Issues

Signed-off-by: Swarit Pandey <swarit@stepsecurity.io>
Signed-off-by: Swarit Pandey <swarit@stepsecurity.io>
@swarit-stepsecurity swarit-stepsecurity changed the title fix(detection): ide symlinked path detection fix(detection): symlinked path detection May 4, 2026
@ashishkurmi ashishkurmi requested a review from Copilot May 4, 2026 20:48

Copilot AI left a comment

Pull request overview

This PR improves AI tool/agent detection by resolving symlinked (notably npm-installed) CLI/agent binaries to a more meaningful install_path, and by making version parsing resilient to warning/decorated --version output.

Changes:

  • Add Executor.EvalSymlinks (real + mock + user-aware wrapper) and use it to resolve symlinked binary paths.
  • Populate install_path for AI CLI tools and general agents (including npm package-root extraction and Windows .cmd shim parsing).
  • Make version extraction consistent across detectors by scanning output lines for version-like tokens; adjust agent detection to avoid false positives from stale/empty config dirs and add tests.

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| internal/executor/user_aware.go | Adds EvalSymlinks passthrough so the wrapper continues to satisfy Executor. |
| internal/executor/mock.go | Adds symlink stubbing and a mock EvalSymlinks implementation for tests. |
| internal/executor/executor.go | Extends the Executor interface and implements EvalSymlinks for the real executor. |
| internal/detector/framework.go | Uses shared version extraction helper to handle decorated --version output. |
| internal/detector/framework_test.go | Adds coverage for framework version parsing when warnings precede the version line. |
| internal/detector/aicli.go | Adds install-path resolution (symlinks + npm roots + Windows shim parsing) and shared version extraction. |
| internal/detector/aicli_test.go | Adds tests for npm symlink resolution, Windows shim parsing, and decorated version output. |
| internal/detector/agent.go | Requires a resolved binary for agent detection; adds install-path resolution + config-dir selection logic. |
| internal/detector/agent_test.go | Updates/extends tests to validate binary-required detection and npm install-path behavior. |

Comment on lines +52 to +53
// EvalSymlinks resolves symbolic links in a path. Returns the resolved
// canonical path. If the path is not a symlink, returns it unchanged.
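Review bot: the doc comment on lines +52 to +53 covers the symlink and non-symlink cases but says nothing about a path that cannot be resolved (missing file, dangling link). Since the overview says the result is used to populate install_path, state what the caller gets back in that case so detectors know whether to drop the path or report the unresolved one.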
Comment thread internal/executor/mock.go
Comment on lines +153 to +154
// If a path is not registered, EvalSymlinks returns the path unchanged
// (matching the behavior of filepath.EvalSymlinks on a non-symlink).
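Review bot: the fallback described on lines +153 to +154 matches filepath.EvalSymlinks only for a path that exists; for a missing path the real function returns an error, so a mock that hands unregistered paths back unchanged cannot exercise a binary-not-found branch. Consider letting tests register an error for a path, or reword the comment to say the mock assumes the path exists.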
@ashishkurmi ashishkurmi merged commit 341b3ba into step-security:main May 5, 2026
5 checks passed
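The install_path resolution summarized in the review overview above, sketched as an added example that is not the project's own code: `npmPackageRoot` and `resolveInstallPath` are hypothetical names, and the standard npm `node_modules/<pkg>` and `node_modules/@scope/<pkg>` layouts are assumed.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// npmPackageRoot (hypothetical helper) returns the package directory for a
// path inside a node_modules tree, or "" when the path is not under one.
func npmPackageRoot(resolved string) string {
	parts := strings.Split(filepath.ToSlash(resolved), "/")
	// Scan from the end so a nested dependency maps to the innermost package.
	for i := len(parts) - 1; i >= 0; i-- {
		if parts[i] != "node_modules" || i+1 >= len(parts) {
			continue
		}
		end := i + 2 // node_modules/<pkg>
		if strings.HasPrefix(parts[i+1], "@") {
			end = i + 3 // node_modules/@scope/<pkg>
		}
		if end > len(parts) {
			return "" // scope directory with no package under it
		}
		return filepath.FromSlash(strings.Join(parts[:end], "/"))
	}
	return ""
}

// resolveInstallPath (hypothetical helper) follows symlinks from a binary
// found on PATH and prefers the npm package root over the resolved file.
func resolveInstallPath(binPath string) (string, error) {
	resolved, err := filepath.EvalSymlinks(binPath)
	if err != nil {
		return "", err // dangling link or missing file: report no path
	}
	if root := npmPackageRoot(resolved); root != "" {
		return root, nil
	}
	return resolved, nil
}

func main() {
	for _, p := range os.Args[1:] {
		path, err := resolveInstallPath(p)
		fmt.Println(p, "->", path, err)
	}
}
```
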