feat: snapshot/restore checkpoints (SAND-WP-0007)

Add workspace checkpoint API with SnapshotStore, extension hooks on
compose-ssh and saas-stub, manager orchestration, CLI/HTTP surface,
profile.compose-checkpoint, and docs/tests.

docs/meta-framework.md

@@ -16,7 +16,7 @@ agent harnessing, validation, and code generation.
 | **Extension** | Backend adapter implementing provision / wait_ready / teardown |
 | **Host** | Registered placement target for self-hosted extensions; read-only telemetry via `profile.sandbox-canary` (see `docs/host-telemetry.md`) |
 | **Sandbox** | Running instance of a profile |
-| **Snapshot** | Point-in-time workspace checkpoint (deferred — SAND-WP-0003) |
+| **Snapshot** | Point-in-time workspace checkpoint (`sandboxer snapshot` / `restore`) |
 | **Route** | Extension selection policy when multiple backends qualify |
 | **Meter** | Usage record for payments layer (SaaS extensions — SAND-WP-0006) |
 
@@ -85,7 +85,7 @@ Extends the `build-agent` self-register pattern: generic sandbox identities carr
 | `extend_ttl` | Extend time-to-live | Stub |
 | `recreate` | Destroy and reprovision from stored seed | **Yes** |
 | `destroy` | Idempotent teardown | **Yes** |
-| `snapshot` / `restore` | Checkpoint workspace | Deferred (SAND-WP-0003) |
+| `snapshot` / `restore` | Checkpoint workspace | **Yes** (compose-ssh, saas-stub) |
 | `exec` | Run command in sandbox | Harness-owned via SSH (glas-harness) |
 
 HTTP surface (optional v0; CLI calls core library directly):
@@ -94,6 +94,9 @@ HTTP surface (optional v0; CLI calls core library directly):
 - `GET /v1/sandboxes/{id}` — get
 - `GET /v1/sandboxes` — list
 - `DELETE /v1/sandboxes/{id}` — destroy
+- `POST /v1/sandboxes/{id}/snapshot` — checkpoint
+- `POST /v1/snapshots/{id}/restore` — restore
+- `GET /v1/snapshots` — list checkpoints
 
 ---