[WIP] Audit privacy-boundary and leakage risks in Meshspaces planning

[Copilot]

Thanks for asking me to work on this. I will get started on it and keep this PR's description up to date as I form a plan and make progress.

---

This section details on the original issue you should resolve

<issue_title>[Copilot Planning] Meshspaces privacy-boundary and cross-context leakage audit</issue_title>
<issue_description>Context: We are planning Meshspaces for Canopy: one machine managing multiple fully isolated mesh runtimes via a thin shell. This issue is for planning/review support against the repo as it exists today. We are not implementing Meshspaces in this issue.

Goal: Identify privacy-boundary failures, hidden cross-context leakage risks, and UI/shell conveniences that would quietly undermine isolation.

Focus areas:

• browser state collisions (cookies, localStorage, session, CSRF, notifications)
• shell-level previews and shared-screen leakage risk
• wrong-mesh actions caused by stale state or ambiguous context
• machine-local vs shell-local vs mesh-local data confusion
• invite import and mesh label/GUID collision risks
• child-runtime vs shell trust boundary

Expected deliverable:

• Open a PR from a Copilot branch with a concise findings report in docs/meshspaces-review/privacy-boundary-audit.md
• If helpful, make small doc/spec clarifications only. Do not start Meshspaces implementation.

Ground rules:

• Do not implement multi-mesh runtime behavior.
• Prefer findings, checklists, and doc clarifications over code changes.
• If you identify missing tests or APIs, document them rather than building the feature.
• Prioritise privacy and scope-boundary failures over convenience.</issue_description>

<agent_instructions>This is a planning and review task, not a Meshspaces implementation task. Work against the repository as it exists today. Prefer findings reports, doc updates, edge-case analysis, and concrete API/UI/permission recommendations over product code changes. Do not start building Meshspaces. Prioritise privacy, security, onboarding, wrong-target risk, migration safety, and explicit per-mesh targeting requirements.</agent_instructions>

Comments on the Issue (you are @copilot in this section)