sec(gateway): start-with-env.sh shell wrapper — durable env fix for PM2 quirk

Recurring problem: PM2 ecosystem env vars get dropped on KeepAlive
auto-restart. Has bitten us 3× in one session — defense silently turns
OFF without visible cause.

Fix: PM2 script changed from `./packages/gateway/dist/server.js` to
`./start-with-env.sh` which:
  set -a; source .env.defense; source .env; set +a
  exec node packages/gateway/dist/server.js

Defense env now persists across ANY restart mechanism (manual reload,
KeepAlive crash-restart, pm2 resurrect, system reboot, ...) because
it's loaded at the shell level on every process spawn — independent of
PM2's internal env state.

Verified end-to-end:
  - 4 smoke tests (Layer-1 EN/FR, Layer-2 Roleplay, legit) → all pass
  - kill -9 → KeepAlive respawns → env STILL present → injection STILL
    blocks (HTTP 422)

.env.defense lives at /opt/llm-gateway/.env.defense (chmod 600, not in repo).
.env.defense.example added to repo as template.

start-with-env.sh

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+# PM2 wrapper that ensures defense env is always loaded, even on KeepAlive auto-restart
+# Production fix for the recurring PM2 env-drop quirk.
+set -a
+[ -f /opt/llm-gateway/.env.defense ] && source /opt/llm-gateway/.env.defense
+[ -f /opt/llm-gateway/.env ] && source /opt/llm-gateway/.env
+set +a
+exec /usr/bin/node /opt/llm-gateway/packages/gateway/dist/server.js