Prefixes dropped when forwarding caller env. Used for variable families
like CLAUDE_CODE_* and CLAUDE_PLUGIN_* that describe the calling claude
instance, not user state.
Filter an iterator of (String, String) env entries through the denylist.
Use capture_caller_env or capture_env_from_os for OS-sourced env;
this lower-level variant is the right choice when env is already UTF-8.
Variant of capture_env_from that accepts OsString keys and values
(the shape returned by std::env::vars_os()). Lossy-converts both before
applying the denylist. Exposed for tests that want to feed OsString
directly, exercising the same code path as capture_caller_env.
Placeholder cwd for call sites that only exercise launcher resolution
(argv lookup, env builders) and never actually spawn a runtime in the
returned directory. Centralized so future audits can grep for it and know
“this cwd was deliberately not load-bearing.”