fix: require explicit ACPX auth envs for ACP auth selection

[valkyriweb]

Fixes #247

acpx and the normal codex CLI intentionally share the same Codex auth state. That part is fine.

The bug is that starting a Codex session through acpx could overwrite that shared auth instead of just reusing it.

If the parent environment had OPENAI_API_KEY set, acpx could treat it as an ACP auth credential, select openai-api-key during startup, and send codex-acp down its API-key login path. In practice that meant an existing ChatGPT OAuth login could be replaced on disk, and later codex CLI runs would start using the API key instead.

This change keeps explicit ACP auth working, but stops ambient provider env from participating in auth-method selection.

Only these should drive ACP authenticate selection:

• config auth entries
• explicit ACPX_AUTH_<METHOD_ID> env vars

Ambient provider env like OPENAI_API_KEY can still exist in the process environment, but it should not be enough on its own to rewrite shared Codex auth.

What changed

• only ACPX_AUTH_* env vars count as ACP auth input during auth-method selection
• config auth entries still work as before
• explicit ACPX_AUTH_* values are still promoted into the child environment for adapters that expect normalized names like OPENAI_API_KEY
• docs were updated to make the explicit-auth requirement clear
• regression tests were added for both auth selection and child env propagation

Verification

• pnpm run check
• pnpm run check:docs

AI-assisted change.