fix(cli): trust native OS certificate roots for installer HTTP requests

[niieani]

Summary

agent-browser install fails on enterprise-managed networks that TLS-intercept HTTPS traffic with a locally trusted corporate CA.

The CLI currently builds reqwest and tokio-tungstenite against rustls-tls-webpki-roots, which only trusts the bundled Mozilla/webpki root set. That bypasses the macOS/Windows system trust store, so requests that succeed in curl or the browser can still fail inside agent-browser with:

Failed to fetch version info: error sending request for url (https://googlechromelabs.github.io/chrome-for-testing/last-known-good-versions-with-downloads.json)

This patch switches both crates to native OS trust roots and enables reqwest's system proxy features.

Why this change

• Fixes agent-browser install behind enterprise TLS interception / SSL inspection
• Aligns CLI trust behavior with the host operating system
• Improves compatibility for other HTTPS and WSS requests made by the CLI

Verification

• cargo check
• Reproduced the original failure before the patch on a macOS machine with Netskope TLS interception
• Re-ran cargo run -- install after the patch; it successfully fetched the Chrome-for-Testing manifest and started downloading Chrome instead of failing during the initial HTTPS request

[vercel]

@niieani is attempting to deploy a commit to the Vercel Labs Team on Vercel.

A member of the Team first needs to authorize it.