Merged
Add Python script static analysis handler
Adds a handler that can auto-approve safe Python scripts by analyzing
their AST. Uses a whitelist approach: only scripts using known-safe
modules and builtins are approved.

Threat model: This protects against AI coding assistants accidentally
running dangerous scripts, NOT against adversarial/malicious code.
An AI won't deliberately craft bypass code - it might just accidentally
use os.system() or open() for file writes.

Auto-approved:
- python --version, --help
- python -m json.tool, calendar, pydoc
- Scripts using only safe modules (json, re, math, collections, etc.)

Requires confirmation:
- python -c (inline code)
- python -m <arbitrary module>
- Scripts importing os, subprocess, pathlib, socket, etc.
- Scripts using eval, exec, open, __import__

Blocked modules include those with hidden file I/O capabilities:
- gzip, bz2, lzma (have .open() methods)
- codecs (codecs.open())
- inspect (getsource reads files)
ldayton committed Jan 13, 2026
commit bb318028138afefe89ee41c225dbe38dced648ad
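
The allowlist approach the commit message describes, as an added sketch that is not the project's code. The function name `review_script` and both constant sets are assumptions; the module and builtin names in them are the ones the message lists.

```python
import ast

# Assumed allowlist: the modules the commit message names as safe.
SAFE_MODULES = {"json", "re", "math", "collections"}
# Builtins the commit message lists as requiring confirmation.
UNSAFE_BUILTINS = {"eval", "exec", "open", "__import__"}

# Constructed sample scripts, for illustration only.
SAFE_SAMPLE = (
    "import json, re\n"
    "from collections import Counter\n"
    'print(json.dumps(Counter(re.findall(r"\\w", "aab"))))\n'
)
RISKY_SAMPLE = 'import gzip\nf = open\nf("out.txt", "w")\n'


def review_script(source: str) -> list[str]:
    """Return reasons to require confirmation; an empty list means auto-approve."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        # Code that cannot be analyzed is never auto-approved.
        return [f"unparseable: {exc.msg}"]

    reasons = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            # Relative imports keep their leading dots and so never match the allowlist.
            modules = ["." * node.level + (node.module or "")]
        else:
            modules = []
        for name in modules:
            # Judge the top-level package: "os.path" is treated as "os".
            if name.split(".")[0] not in SAFE_MODULES:
                reasons.append(f"line {node.lineno}: import of {name}")
        # Flag any reference, not only calls, so `f = open; f(...)` is caught.
        if isinstance(node, ast.Name) and node.id in UNSAFE_BUILTINS:
            reasons.append(f"line {node.lineno}: use of {node.id}")
    return reasons
```

Because unknown modules fail the check by default, `gzip`, `codecs` and `inspect` are rejected without being listed anywhere. Consistent with the stated threat model, this catches accidental use and makes no attempt to resist deliberately obfuscated code.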
6 changes: 5 additions & 1 deletion src/dippy/cli/__init__.py
Expand Up @@ -31,9 +31,13 @@ class Classification:
class CLIHandler(Protocol):
"""Protocol for CLI handler modules."""

def classify(self, tokens: list[str]) -> Classification:
def classify(self, tokens: list[str], cwd: Path | None = None) -> Classification:
"""Classify command for approval.

Args:
tokens: Command tokens (e.g., ["python", "script.py"])
cwd: Current working directory for path resolution (optional)

Returns Classification with action and optional description.
"""
...
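Review bot: The Args entry for the new cwd parameter of classify() says only "for path resolution (optional)" and does not state what a handler must do when cwd is None. That matters for an approval decision: a relative token such as "script.py" resolved against the wrong directory means the handler analyzes a different file from the one that will run. Suggest documenting the fallback in the docstring, preferably that a handler which cannot resolve a path returns a classification requiring confirmation instead of guessing a directory. Two smaller points: the diff stat for this file (5 additions, 1 deletion) is fully accounted for by this hunk, so no import of Path is added here; please confirm Path is already imported in src/dippy/cli/__init__.py. And since this is a Protocol, any handler still defining classify(self, tokens) will raise a TypeError once a caller passes cwd, so the implementations should be updated together with this signature.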