[FEATURE]: Add CPEX WASM isolation support #21

Description

@terylt

Epic: CPEX Rust Core (#12)

Summary

Create cpex-hosts::wasm — a wasmtime-based sandbox host for running third-party or untrusted plugins with memory, CPU, and I/O isolation.

Motivation

Third-party and marketplace plugins need stronger isolation than native Rust or Python plugins. WASM provides memory isolation (each plugin gets its own linear memory), CPU limits (fuel metering), crash isolation (a WASM trap doesn't crash the host), and no I/O by default (no filesystem, network, or host memory access unless explicitly granted).

Scope

  • WASM plugin host implementing HookHandler<H> — loads .wasm modules via wasmtime
  • Host functions exposed to WASM guests under a cpex namespace — read-only payload access, extension access, result construction
  • Payload serialization at the WASM boundary — MessagePack in/out of guest linear memory
  • Fuel metering for CPU limits, epoch interruption for timeouts
  • Plugin SDK (cpex-sdk) compiles to wasm32-wasip1 — plugin authors use the same types
  • Configuration: kind: "wasm://path/to/plugin.wasm" in YAML

Acceptance Criteria

  • A Rust plugin compiled to .wasm loads and executes inside the WASM host
  • WASM plugin cannot access host memory, filesystem, or network by default
  • Fuel exhaustion produces a clean error, not a crash
  • cpex-sdk compiles to wasm32-wasip1 without modification
  • Performance overhead documented relative to native Rust plugins

Dependencies

  • Feature-gated in cpex-hosts: wasm = ["wasmtime"]
  • cpex-sdk (Issue implicit in Phase 1a — already exists)

Labels: enhancement (New feature or request)
Status: In progress