Approval-mode resolver for governed tool proposals.

Precedence: tool-declared approval_mode → host config override for the tier → Cairnloop.Tool.derive_approval_mode/1 tier default.

Phase 15 seam: Extend ONLY this module (resolve/3) to factor in actor scope and runtime context (the PDP). No schema change or call-site change needed. The resolver's function signature stays fixed; Phase 15 adds policy-context logic inside it.

Tighten-only by default (D-13): A host may configure approval_mode_overrides to make the gate stricter (e.g. :read_only → :requires_approval). Loosening below the tier default (e.g. :destructive → :auto) is an explicit host-config choice and should be noted in the host's configuration documentation.