fix(ocap-kernel): harden makeAllowedGlobals output in VatSupervisor

Defense-in-depth restoration of the harden() call the pre-snaps
constructor used to apply to `allowedGlobals`. `createDefaultEndowments`
already hardens its output, but `makeAllowedGlobals` is a public seam
(see the exported `VatEndowments` type) — a custom factory returning
unhardened globals would hand a vat mutable references to its own
endowments, defeating attenuation. `harden` is idempotent and deep, so
this is a no-op on the default path.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: sirtimid

packages/ocap-kernel/src/vats/VatSupervisor.ts

@@ -155,7 +155,8 @@ export class VatSupervisor {
     this.#platformOptions = platformOptions ?? {};
     this.#makePlatform = makePlatform;
     const { globals, teardown } = makeAllowedGlobals();
-    this.#allowedGlobals = globals;
+    // Defense in depth: custom `makeAllowedGlobals` factories may skip hardening.
+    this.#allowedGlobals = harden(globals);
     this.#endowmentsTeardown = teardown;
 
     this.#rpcClient = new RpcClient(