fix: block Windows CMD injection vectors in auto-approved commands

[Secsys-FDU]

Add Windows CMD specific escape character detection.

Context

This PR improves command validation stability on Windows platforms. The current command parser does not explicitly handle the Windows CMD caret escape character (^).This inconsistency can lead to unexpected parsing behavior when processing commands on Windows.

Implementation

Updated src/core/auto-approval/commands.ts to explicitly detect and flag commands containing the caret character (^) when running on the Windows platform (win32).
These commands will now be treated as "dangerous substitutions" and will strictly require explicit user approval, preventing automated execution of the exploit payload.

Screenshots

Before fix: The command is auto-approved and "Vulnerability Reproduced" is printed.
After fix: The agent detects the dangerous pattern and prompts the user for approval.

How to Test

1. On a Windows machine, enable Auto-Approval for git commands.
2. Attempt to run the following payload via the agent:

   git log ^" & echo "calc" ^"

[changeset-bot]

⚠️ No Changeset found

Latest commit: 9ce594b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR