Remove or formalize agent-less queued execution fallback

[chubes4]

Problem

Queued AI and system task execution still falls back to a flow/user owner when no agent context exists.

Code references on origin/main (008878b6):

• inc/Core/Steps/AI/AIStep.php:430 — legacy / agent-less flows fall back to flow.user_id.
• inc/Core/Steps/SystemTask/SystemTaskStep.php:324 — system task child execution falls back to parent user_id.

Related closed issue: #2063.

Why this matters

The code logs warnings, but still executes. For a 1.0 agent-first model, queued mutations should either run under a real agent envelope or use an explicit, designed system/anonymous agent with capped permissions. Silent user fallback keeps old flows working but leaves capability enforcement and attribution muddy.

Acceptance criteria

• Decide the 1.0 contract: agent context required, or an explicit system/anonymous agent identity is introduced.
• Remove silent user_id fallback from AIStep and SystemTaskStep, or make it an explicit opt-in repair/migration path.
• Existing unowned flows/pipelines have an operator migration path before behavior is tightened.
• Tests prove queued ability calls run with agent context, not just a broad user context.

AI assistance

• AI assistance: Yes
• Tool(s): OpenCode (GPT-5.5)
• Used for: 1.0 technical-debt audit and issue drafting; Chris requested tracking issues for the findings.