fix: validate shared event lifecycle intake

[coolboy1379]

Closes #1870.

Summary

• add an orchestrator lifecycle event intake guard for shared bus events
• enforce tenant ownership, attempt/revision freshness, and allowed lifecycle transitions before mutating agent state
• record sanitized rejection audit records and metrics without storing event payloads
• make sandbox resource-limit imports safe on non-POSIX platforms so registry/engine tests collect on Windows

Validation

• .\.venv\Scripts\python.exe -m pytest tests\test_engine_events.py -q --tb=short -> 4 passed
• .\.venv\Scripts\python.exe -m pytest tests\test_engine_events.py tests\test_scheduler.py tests\test_agent_registry.py -q --tb=short -> 17 passed
• .\.venv\Scripts\python.exe -m flake8 src\orchestrator\engine.py src\agent\sandbox.py tests\test_engine_events.py -> passed
• .\.venv\Scripts\python.exe -m py_compile src\orchestrator\engine.py src\agent\sandbox.py tests\test_engine_events.py -> passed
• git diff --check -> passed

Note: tests/test_metrics.py still times out locally on Windows because MetricsCollector.stop_timer() holds the lock while calling observe(); I left that pre-existing behavior out of this fix.