rename Fence to Greywall as GreyHaven sandboxing component

Rebrand the project from Fence to Greywall, the sandboxing layer of the
GreyHaven platform. This updates:

- Go module path to gitea.app.monadical.io/monadical/greywall
- Binary name, CLI help text, and all usage examples
- Config paths (~/.config/greywall/greywall.json), env vars (GREYWALL_*)
- Log prefixes ([greywall:*]), temp file prefixes (greywall-*)
- All documentation, scripts, CI workflows, and example files
- README rewritten with GreyHaven branding and Fence attribution

Directory/file renames: cmd/fence → cmd/greywall, pkg/fence → pkg/greywall,
docs/why-fence.md → docs/why-greywall.md, example JSON files, and banner.

examples/02-filesystem/README.md

@@ -1,10 +1,10 @@
 # Filesystem Sandbox Demo
 
-This demo shows how fence controls filesystem access with `allowWrite`, `denyWrite`, and `denyRead`.
+This demo shows how greywall controls filesystem access with `allowWrite`, `denyWrite`, and `denyRead`.
 
 ## What it demonstrates
 
-| Operation | Without Fence | With Fence |
+| Operation | Without Greywall | With Greywall |
 |-----------|---------------|------------|
 | Write to `./output/` | ✓ | ✓ (in allowWrite) |
 | Write to `./` | ✓ | ✗ (not in allowWrite) |
@@ -16,19 +16,19 @@ This demo shows how fence controls filesystem access with `allowWrite`, `denyWri
 
 ## Run the demo
 
-### Without fence (all writes succeed)
+### Without greywall (all writes succeed)
 
 ```bash
 python demo.py
 ```
 
-### With fence (unauthorized operations blocked)
+### With greywall (unauthorized operations blocked)
 
 ```bash
-fence --settings fence.json python demo.py
+greywall --settings greywall.json python demo.py
 ```
 
-## Fence config
+## Greywall config
 
 ```json
 {
@@ -58,7 +58,7 @@ fence --settings fence.json python demo.py
 
 ## Protected paths
 
-Fence also automatically protects certain paths regardless of config:
+Greywall also automatically protects certain paths regardless of config:
 
 - Shell configs: `.bashrc`, `.zshrc`, `.profile`
 - Git hooks: `.git/hooks/*`

examples/02-filesystem/demo.py

@@ -2,13 +2,13 @@
 """
 Filesystem Sandbox Demo
 
-This script demonstrates fence's filesystem controls:
+This script demonstrates greywall's filesystem controls:
 - allowWrite: Only specific directories are writable
 - denyWrite: Block writes to sensitive files
 - denyRead: Block reads from sensitive paths
 
-Run WITHOUT fence to see all operations succeed.
-Run WITH fence to see unauthorized operations blocked.
+Run WITHOUT greywall to see all operations succeed.
+Run WITH greywall to see unauthorized operations blocked.
 """
 
 import os
@@ -78,7 +78,7 @@ def main():
 ╔═══════════════════════════════════════════════════════════╗
 ║  Filesystem Sandbox Demo                                  ║
 ╠═══════════════════════════════════════════════════════════╣
-║  Tests fence's filesystem controls:                       ║
+║  Tests greywall's filesystem controls:                       ║
 ║    - allowWrite: Only ./output/ is writable               ║
 ║    - denyWrite: .env and *.key files are protected        ║
 ║    - denyRead: /etc/shadow is blocked                     ║
@@ -96,7 +96,7 @@ def main():
         "Write to ./output/ (allowed)",
     )
 
-    # Test 2: Write to project root (should fail with fence)
+    # Test 2: Write to project root (should fail with greywall)
     try_write(
         "unauthorized.txt",
         "This should not be writable.\n",
@@ -133,12 +133,12 @@ def main():
         print(f"({skipped} test(s) skipped - file not found)")
 
     if blocked > 0:
-        print(f"✅ Fence blocked {blocked} unauthorized operation(s)")
+        print(f"✅ Greywall blocked {blocked} unauthorized operation(s)")
         print(f"{succeeded} allowed operation(s) succeeded")
         print("\nFilesystem sandbox is working!\n")
     else:
-        print("⚠️ All operations succeeded - you are likely not running in fence")
-        print("Run with: fence --settings fence.json python demo.py\n")
+        print("⚠️ All operations succeeded - you are likely not running in greywall")
+        print("Run with: greywall --settings greywall.json python demo.py\n")
 
     cleanup()