fix(backend): use backend SA for runner secret validation

The CreateSession handler was using the caller's K8s client (reqK8s)
to validate ambient-runner-secrets exists. Session ServiceAccounts
created by the operator only have agenticsessions CRD permissions,
not secret-read permission, causing 500 errors when sessions try to
create other sessions via backend tools.

Switch to the backend's own service account (K8sClient) for this
validation check. This is safe because:
- The check is a pre-flight validation, not a user-scoped operation
- The operator also uses its own SA for the same check (line 661)
- Session SA permissions are intentionally minimal (least-privilege)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: Gkrumbach07

components/backend/handlers/sessions.go

@@ -616,7 +616,9 @@ func CreateSession(c *gin.Context) {
 
 		// Always verify the runner secrets exist (even if registry is unavailable
 		// and requiredKeys is nil — prevents sessions without any API keys).
-		sec, err := reqK8s.CoreV1().Secrets(project).Get(c.Request.Context(), runnerSecretsName, v1.GetOptions{})
+		// Use the backend's own service account (K8sClient) rather than the
+		// caller's token — session ServiceAccounts lack secret-read permission.
+		sec, err := K8sClient.CoreV1().Secrets(project).Get(c.Request.Context(), runnerSecretsName, v1.GetOptions{})
 		if err != nil {
 			if errors.IsNotFound(err) {
 				log.Printf("Session creation blocked: %s secret missing in project %s", runnerSecretsName, project)