Codex Agent integration: HTTP surface + plugin bundle + Settings UI

This persists work that had been living only in the cookbook docker
container's writable layer — never committed to the host source. Brought
back to git intact, app.py registration re-applied surgically on top of
current main (not the older container copy, which would have regressed
the Windows MIME fix, asynccontextmanager lifespan, and webhook auth
exempts).

routes/codex_routes.py (new):
- GET  /api/codex/capabilities  — what this Odysseus exposes.
- GET  /api/codex/plugin.zip    — downloads integrations/codex as a zip.
- GET  /api/codex/todos         — scope-gated todos:read|write.
- POST /api/codex/todos         — scope-gated todos:write.
- GET  /api/codex/emails        — scope-gated email:read|draft|send.
- GET  /api/codex/emails/{uid}  — single-message fetch.
- _scope_owner() enforces api_token scopes before touching user data.

routes/api_token_routes.py (+103 lines):
- Adds Codex-token-specific issuance + revocation paths.

integrations/codex/ (new bundle, shipped via /api/codex/plugin.zip):
- README.md                       — install instructions.
- .codex-plugin/plugin.json       — Codex plugin manifest.
- scripts/odysseus_api.py         — Python client used by the skill.
- skills/odysseus/SKILL.md        — Codex skill definition.

static/js/settings.js (+253 lines):
- New "Codex Agent" option in the Integrations dropdown.
- Add / edit panel with plugin-bundle download link + curl-with-token
  install instructions per agent.

app.py:
- 7-line surgical change: capture email_router = setup_email_routes()
  and register setup_codex_routes(email_router=email_router) after the
  email module so the Codex routes can borrow its helpers.

integrations/codex/README.md

@@ -0,0 +1,51 @@
+# Odysseus Codex Integration
+
+This directory contains the Codex plugin/skill bundle for Odysseus.
+
+## User Flow
+
+1. Open Odysseus Settings > Integrations.
+2. Add a Codex Agent.
+3. Copy the full setup commands shown after the generated token.
+4. Toggle the tools Codex is allowed to use.
+5. Configure the terminal Codex session:
+
+```bash
+export ODYSSEUS_URL=http://your-odysseus-host:7000
+export ODYSSEUS_API_TOKEN=ody_generated_token
+mkdir -p ~/plugins
+curl -fsSL -H "Authorization: Bearer $ODYSSEUS_API_TOKEN" "$ODYSSEUS_URL/api/codex/plugin.zip" -o /tmp/odysseus-codex-plugin.zip
+python3 -m zipfile -e /tmp/odysseus-codex-plugin.zip ~/plugins
+python3 - <<'PY'
+import json
+from pathlib import Path
+
+p = Path.home() / ".agents" / "plugins" / "marketplace.json"
+p.parent.mkdir(parents=True, exist_ok=True)
+if p.exists():
+    data = json.loads(p.read_text())
+else:
+    data = {"name": "personal", "interface": {"displayName": "Personal"}, "plugins": []}
+
+data.setdefault("name", "personal")
+data.setdefault("interface", {}).setdefault("displayName", "Personal")
+plugins = data.setdefault("plugins", [])
+entry = {
+    "name": "odysseus",
+    "source": {"source": "local", "path": "./plugins/odysseus"},
+    "policy": {"installation": "AVAILABLE", "authentication": "ON_INSTALL"},
+    "category": "Productivity",
+}
+data["plugins"] = [item for item in plugins if item.get("name") != "odysseus"] + [entry]
+p.write_text(json.dumps(data, indent=2) + "\n")
+PY
+codex plugin add odysseus@personal
+```
+
+6. Verify:
+
+```bash
+python3 ~/plugins/odysseus/scripts/odysseus_api.py capabilities
+```
+
+Codex must use `/api/codex/*` endpoints. SSH, Docker, direct Python imports, database queries, and MCP internals bypass Odysseus Settings and must not be used for user data access.