feat(WARDEN-WP-0014): T4 — key-cape login orchestration lane

Adds a lane: secret|login field to RouteEntry. The login lane is an
interactive auth bootstrap: it skips the caller-auth precheck (no token
yet — that's the point) and the secret-read gate (it establishes the
identity the gate needs), runs the owner's login command interactively
as the caller via inherited stdio, and rejects --exec. The token stays
in the caller's own store; warden never captures it (G2 holds). Audited
as action: login. key-cape-oidc-login populated as the reference login
entry. Advisory proxy hint updated now that T3 has shipped.

172 passed, lint clean.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-27 17:31:55 +02:00
parent 1a02ec6753
commit 1c3d1b4d52
6 changed files with 136 additions and 32 deletions


@@ -153,14 +153,20 @@ state_hub_task_id: "6d3eb0e4-309c-4065-893e-6c4053fb0db2"
```task
id: WARDEN-WP-0014-T04
status: todo
status: done
priority: medium
state_hub_task_id: "481997e4-193d-4724-84a6-61cbc2940153"
```
- [ ] Extend `warden access` to orchestrate the key-cape/Keycloak OIDC login flow
(interactive tool hand-off) under the same advisory/proxy split.
- [ ] Login lane respects G1G3; no token caching by warden.
- [x] Extend `warden access` to orchestrate the key-cape/Keycloak OIDC login flow
under the same advisory/proxy split. New `lane: secret|login` field on
`RouteEntry`; `key-cape-oidc-login` populated as a `login` lane entry.
- [x] Login lane semantics: no caller-auth precheck (you have no token yet) and no
secret-read gate (it bootstraps the identity the gate needs); runs interactively
as the caller via inherited stdio; `--exec` rejected. Token stays in the caller's
own store — warden never captures it (G2 holds). Audited as `action: login`.
- [x] Tests in `tests/test_proxy.py` (runs without token/ack, rejects --exec, real
catalog lane, invalid-lane rejection). Live fake-`bao login` smoke confirmed.
### T5 — Docs, security model, and INTENT/SCOPE alignment
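Review bot: the new T4 checklist records that a `login` lane entry skips both the caller-auth precheck and the secret-read gate, which makes the `lane` value on a `RouteEntry` a security-relevant field, but the only coverage listed is "invalid-lane rejection"; nothing in this hunk says what stops an existing `secret` entry from being relabelled `lane: login` to bypass the gate, or who is allowed to author `login` entries in the catalog. Suggest adding a checklist line under T4 (or an explicit pointer to the T5 security-model item that follows) stating the trust assumption on the catalog and that a `login` lane entry must not be usable to read a secret, e.g. "- [ ] `login` lane entries are catalog-defined only; gate bypass applies to the login command, never to a secret read". The "runs interactively as the caller via inherited stdio" note also implies the `action: login` audit record cannot observe the exchange itself; worth stating in the checklist which fields that record does carry (entry id, caller, outcome) so T5 documents it accurately.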