Implement SAND-WP-0002 meta-framework foundation (T01–T09)

Add meta-framework spec, pydantic schemas, profile/extension YAML, extension
registry, ext.compose-ssh backend, SandboxManager with State Hub events, CLI
commands, integration docs, capability registry entry, and compose-e2e runbook.
Nine unit tests pass. T10 remote smoke test remains for operator.

docs/integrations/glas-harness.md

@@ -0,0 +1,38 @@
+# glas-harness integration
+
+glas-harness owns the agent gateway, tools, memory, and channels. sand-boxer
+delivers an isolated execution environment; the harness executes tools inside it.
+
+## Example request
+
+```bash
+sandboxer create \
+  --profile profile.agent-dev \
+  --input repo=/path/to/workspace \
+  --actor agt \
+  --project glas-harness
+```
+
+## Response fields (ready state)
+
+| Field | Owner | Description |
+|-------|-------|-------------|
+| `sandbox_id` | sand-boxer | Stable instance identifier |
+| `reachability.ssh` | sand-boxer | SSH target for harness exec channel |
+| `reachability.remote_dir` | sand-boxer | Workspace root on remote host |
+| `state` | sand-boxer | Lifecycle state (`ready`, etc.) |
+
+## Ownership
+
+| Concern | Owner |
+|---------|-------|
+| Sandbox provision / teardown | sand-boxer |
+| Tool call parsing and policies | glas-harness |
+| SSH / tunnel reachability setup | glas-harness + ops-bridge |
+| Agent memory and session state | glas-harness |
+
+## Out of scope for sand-boxer
+
+- Tool schemas and approval flows
+- Channel bridges (Slack, email, etc.)
+- Subagent orchestration

docs/integrations/snuggle-inventor.md

@@ -0,0 +1,37 @@
+# snuggle-inventor integration
+
+snuggle-inventor owns code generation and modernization workflows. sand-boxer
+provides a build sandbox with setup metadata resolved at the provision boundary.
+
+## Example request
+
+```bash
+sandboxer create \
+  --profile profile.build \
+  --input repo=/path/to/target \
+  --actor agt \
+  --project snuggle-inventor
+```
+
+## Response fields (ready state)
+
+| Field | Owner | Description |
+|-------|-------|-------------|
+| `sandbox_id` | sand-boxer | Build environment instance |
+| `reachability.ssh` | sand-boxer | Remote workspace access |
+| `profile.setup.secret_refs` | sand-boxer resolves | Secrets never returned to agent context |
+
+## Ownership
+
+| Concern | Owner |
+|---------|-------|
+| Sandbox provision and teardown | sand-boxer |
+| Setup instructions content (Blitzy-style) | snuggle-inventor |
+| Generated code and PR output | snuggle-inventor |
+| Secret resolution at boundary | sand-boxer (via ops-warden / OpenBao) |
+
+## Out of scope for sand-boxer
+
+- Code generation prompts and tech specs
+- AAP-style planning
+- PR creation and review loops

docs/integrations/wise-validator.md

@@ -0,0 +1,40 @@
+# wise-validator integration
+
+wise-validator owns e2e test orchestration, health check semantics, and pass/fail
+interpretation. sand-boxer delivers the compose environment; wise-validator runs
+the validation story on top.
+
+## Example request
+
+```bash
+sandboxer create \
+  --profile profile.compose-e2e \
+  --input repo=/path/to/repo \
+  --actor atm \
+  --project wise-validator
+```
+
+## Response fields (ready state)
+
+| Field | Owner | Description |
+|-------|-------|-------------|
+| `sandbox_id` | sand-boxer | Instance id for the validation run |
+| `reachability.ssh` | sand-boxer | SSH endpoint for test execution |
+| `reachability.compose_project` | sand-boxer | Docker compose project name |
+| `reachability.remote_dir` | sand-boxer | Synced repo path on remote host |
+
+## Ownership
+
+| Concern | Owner |
+|---------|-------|
+| Environment provision (rsync + compose up) | sand-boxer |
+| `e2e/e2e.yml` parsing and semantics | wise-validator |
+| HTTP health polling and timeouts | wise-validator |
+| Test command execution and reporting | wise-validator |
+| State Hub test result events | wise-validator |
+
+## Out of scope for sand-boxer
+
+- Running `test_command` from e2e.yml
+- Interpreting health check pass/fail
+- Posting validation results to State Hub