feat(policy): implement project-level policy support

Introduces a new 'Project' tier (Tier 3) for policies, allowing users to define
project-specific rules in `$PROJECT_ROOT/.gemini/policies`.

Key Changes:
- **Core**: Added `PROJECT_POLICY_TIER` (3) and bumped `ADMIN_POLICY_TIER` to 4.
  Updated `getPolicyDirectories`, `getPolicyTier`, and `createPolicyEngineConfig` to handle
  project-level policy directories.
- **Storage**: Added `getProjectPoliciesDir()` to the `Storage` class.
- **CLI**: Updated `loadCliConfig` to securely load project policies.
  Crucially, project policies are **only loaded if the workspace is trusted**.
- **Tests**: Added comprehensive tests for both core policy logic and CLI integration,
  verifying priority hierarchy (Admin > Project > User > Default) and trust checks.

This hierarchy ensures that project-specific rules override user defaults but are still
subject to system-wide admin enforcement.
Abhijit Balaji
2026-02-09 13:42:02 -08:00
parent 261788cf91
commit 322de4309d
8 changed files with 392 additions and 21 deletions
@@ -40,6 +40,7 @@ import {
Config,
applyAdminAllowlist,
getAdminBlockedMcpServersMessage,
Storage,
type HookDefinition,
type HookEventName,
type OutputFormat,
@@ -692,9 +693,15 @@ export async function loadCliConfig(
policyPaths: argv.policy,
};
let projectPoliciesDir: string | undefined;
if (trustedFolder) {
projectPoliciesDir = new Storage(cwd).getProjectPoliciesDir();
}
const policyEngineConfig = await createPolicyEngineConfig(
effectiveSettings,
approvalMode,
projectPoliciesDir,
);
policyEngineConfig.nonInteractive = !interactive;
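Review bot: the trust gate `if (trustedFolder)` decides whether project policies are loaded, but the directory itself is derived from `cwd` via `new Storage(cwd).getProjectPoliciesDir()`, and nothing in this hunk shows that `trustedFolder` was evaluated for that same `cwd`; please confirm the two refer to the same path, otherwise a trust decision made for one folder could unlock policy loading from another. Related: the commit message describes the location as `$PROJECT_ROOT/.gemini/policies` while the code keys off `cwd`, so if `Storage(cwd)` does not resolve to the project root, either document that project policies are read relative to the working directory or derive the root explicitly before constructing `Storage`. A one-line comment above the `if` stating that untrusted workspaces intentionally leave `projectPoliciesDir` as `undefined` would help future edits preserve the check.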