fix: harden scoped memory tools and projection lifecycle

[esafwan]

Motivation

• Provide a safe, mergeable MVP for scoped memory so memory CRUD, search and knowledge promotion enforce per-scope permissions and do not expose Site/Global/Role memory to non-managers.
• Restore real handler implementations for memory tooling (not placeholders) so agents can use memory operations and memory → knowledge projection uses the existing Knowledge Input pipeline without claiming immediate indexing.
• Wire native tool types so Agent Tool Function documents can directly map to memory handlers for a clean operator UX.

Description

• Implemented a hardened huf/ai/memory_tools.py with whitelisted APIs save_memory_record, get_memory_record, search_memory_records, archive_memory_record, and promote_memory_to_knowledge, plus handler aliases handle_* for each public function, and safe helpers (_is_manager, _resolve_scope_key, _can_read_memory, _can_write_memory, _json_value).
• Enforced scope-aware read/write rules in-code (manager override, Guest blocked, non-managers blocked from Role/Workspace/Site/Global writes, non-managers cannot promote to knowledge, conversation/user/agent checks), capped search results to 50, and implemented query matching across title, summary_text, record_type, and tags.
• Added native tool type options to huf/huf/doctype/agent_tool_function/agent_tool_function.json (Save Memory Record, Search Memory Records, Get Memory Record, Archive Memory Record, Promote Memory to Knowledge) and wired those types to the handlers inside huf/ai/sdk_tools.py so tools created from Agent Tool Function documents can call memory handlers directly.
• Ensured save_memory_record resolves scope_key safely (conversation/user/agent/site/global), prevents helper/parameter shadowing, and calls queue_knowledge_projection() only when appropriate and manager-permitted; all DB writes use explicit permission-aware saves (ignore_permissions=False where applicable).

Testing

• Ran Python compile checks which succeeded: python -m py_compile huf/ai/memory_tools.py, python -m py_compile huf/huf/doctype/memory_record/memory_record.py, and python -m py_compile huf/huf/doctype/memory_policy/memory_policy.py (all passed).
• Attempted bench/site commands in this environment but they are not available: bench --site all migrate, bench --site all clear-cache, and bench build --app huf (failed due to bench: command not found).
• Note: full integration tests and site-level validation should be run in a real Frappe/Bench environment with the recommended commands bench --site <site> migrate, bench --site <site> run-tests --app huf --doctype "Memory Record" and bench build --app huf before merging.

---

Codex Task

[esafwan]

Superseded by the unified implementation in PR #282.

All the code and concepts from this PR have been integrated into that branch, alongside fully functioning background learning agents and hybrid search backends.