fix(auth): skip keychain OAuth injection when harness supplies its own Anthropic credential

[vinnie357]

When the harness already provides ANTHROPIC_API_KEY or a non-cloud ANTHROPIC_BASE_URL (e.g. omlx/local harnesses pointing at http://192.168.65.1:8000), awman was still injecting CLAUDE_CODE_OAUTH_TOKEN from the macOS keychain. Claude Code then sees both and emits "auth may not work", then fails to authenticate.

Fix: add harness_supplies_anthropic_auth(lookup_env) in src/engine/auth/keychain.rs. When it returns true, claude_keychain_credentials() returns an empty vec immediately, before any keychain lookup. Cloud claude harnesses (no ANTHROPIC_API_KEY, base URL absent or *.anthropic.com) are unaffected.

The guard follows the existing lookup_env: &dyn Fn(&str) -> Option<String> pattern from auto_auth_env_overlays so it is hermetically testable without mutating process-global env state. Five unit tests cover: non-empty API key → true, empty API key → false, non-cloud base URL → true, api.anthropic.com → false, nothing set → false.

Also fixes a pre-existing clippy::unnecessary_min_or_max lint in src/frontend/tui/render.rs that blocked cargo clippy --all-targets -- -D warnings.

[vinnie357]

Superseded by #18, which implements the design-aligned fix: dedup the Anthropic credential at container injection time keyed on the harness-DECLARED env (env() overlays) rather than sniffing ambient process env, plus an explicit per-harness auth mode (keychain/passthrough/none). The env-sniff approach here regressed the 'ambient ANTHROPIC_API_KEY without an env() overlay' case and contradicted awman's explicit-env contract. Closing in favor of #18.