rename Fence to Greywall as GreyHaven sandboxing component

Rebrand the project from Fence to Greywall, the sandboxing layer of the
GreyHaven platform. This updates:

- Go module path to gitea.app.monadical.io/monadical/greywall
- Binary name, CLI help text, and all usage examples
- Config paths (~/.config/greywall/greywall.json), env vars (GREYWALL_*)
- Log prefixes ([greywall:*]), temp file prefixes (greywall-*)
- All documentation, scripts, CI workflows, and example files
- README rewritten with GreyHaven branding and Fence attribution

Directory/file renames: cmd/fence → cmd/greywall, pkg/fence → pkg/greywall,
docs/why-fence.md → docs/why-greywall.md, example JSON files, and banner.

docs/README.md

@@ -1,26 +1,26 @@
-# Fence Documentation
+# Greywall Documentation
 
-Fence is a sandboxing tool that restricts network and filesystem access for arbitrary commands. It's most useful for running semi-trusted code (package installs, build scripts, CI jobs, unfamiliar repos) with controlled side effects.
+Greywall is a sandboxing tool that restricts network and filesystem access for arbitrary commands. It's most useful for running semi-trusted code (package installs, build scripts, CI jobs, unfamiliar repos) with controlled side effects.
 
 ## Getting Started
 
-- [Quickstart](quickstart.md) - Install fence and run your first sandboxed command in 5 minutes
-- [Why Fence](why-fence.md) - What problem it solves (and what it doesn't)
+- [Quickstart](quickstart.md) - Install greywall and run your first sandboxed command in 5 minutes
+- [Why Greywall](why-greywall.md) - What problem it solves (and what it doesn't)
 
 ## Guides
 
 - [Concepts](concepts.md) - Mental model: OS sandbox + local proxies + config
 - [Troubleshooting](troubleshooting.md) - Common failure modes and fixes
-- [Using Fence with AI agents](agents.md) - Defense-in-depth and policy standardization
+- [Using Greywall with AI agents](agents.md) - Defense-in-depth and policy standardization
 - [Recipes](recipes/README.md) - Common workflows (npm/pip/git/CI)
 - [Templates](./templates.md) - Copy/paste templates you can start from
 
 ## Reference
 
 - [README](../README.md) - CLI usage
-- [Library Usage (Go)](library.md) - Using Fence as a Go package
-- [Configuration](./configuration.md) - How to configure Fence
-- [Architecture](../ARCHITECTURE.md) - How fence works under the hood
+- [Library Usage (Go)](library.md) - Using Greywall as a Go package
+- [Configuration](./configuration.md) - How to configure Greywall
+- [Architecture](../ARCHITECTURE.md) - How greywall works under the hood
 - [Security model](security-model.md) - Threat model, guarantees, and limitations
 - [Linux security features](linux-security-features.md) - Landlock, seccomp, eBPF details and fallback behavior
 - [Testing](testing.md) - How to run tests and write new ones
@@ -36,20 +36,20 @@ See [`examples/`](../examples/README.md) for runnable demos.
 
 ```bash
 # Block all network (default)
-fence <command>
+greywall <command>
 
 # Use custom config
-fence --settings ./fence.json <command>
+greywall --settings ./greywall.json <command>
 
 # Debug mode (verbose output)
-fence -d <command>
+greywall -d <command>
 
 # Monitor mode (show blocked requests)
-fence -m <command>
+greywall -m <command>
 
 # Expose port for servers
-fence -p 3000 <command>
+greywall -p 3000 <command>
 
 # Run shell command
-fence -c "echo hello && ls"
+greywall -c "echo hello && ls"
 ```