[codex] Reintroduce pi-mono AgentMesh integration

[theScrod]

Refs #968.
Supersedes #970.
Addresses the dependency-scan rollback in #1190.

What changed

• reintroduces the @microsoft/agentmesh-pi-mono integration package under packages/agentmesh-integrations/pi-mono-agentmesh
• restores the pi-mono governance/session adapter, tests, and integration docs that were previously reverted
• adds the missing dependency-confusion allowlist entries for @microsoft/agentmesh-sdk and @mariozechner/pi-coding-agent in scripts/check_dependency_confusion.py

Why this is needed

The original pi-mono integration in #970 was merged and then backed out in #1190 because AGT's dependency-scan job treated two npm package names as unregistered:

• @microsoft/agentmesh-sdk
• @mariozechner/pi-coding-agent

That was an allowlist problem, not an adapter-logic problem:

• @microsoft/agentmesh-sdk is AGT's own published TypeScript SDK package
• @mariozechner/pi-coding-agent is the published pi-mono SDK dependency required by the integration

This PR restores the integration and fixes the scanner configuration so the same false positive does not force another rollback.

Validation

• package-specific dependency confusion check for packages/agentmesh-integrations/pi-mono-agentmesh/package.json now returns OK
• npm run lint
• npm test
• npm run build

[imran-siddique]

Closing — the pi-mono-agentmesh package was intentionally removed from the repo. It was identified as promotional content that didn't meet our contribution quality gate. This PR re-adds it, which we don't accept.

If pi-mono has a genuine governance integration to contribute, please open an issue first describing the technical value, then submit code under \packages/agentmesh-integrations/\ without modifying core files (README.md).

[theScrod]

The notes when the initial package was removed were due to it failing a dependency check (scripts/check_dependency_confusion.py) that is a set of hard-coded accepted npm packages. There was no reference to the genuine-ness of whether this is meant to be promotional or not. This is not promotional, pi-mono is open and widely adopted -(38K stars, 4.5K forks). It is the core of OpenClaw, which looks to have a skill for leveraging agent-governance-toolkit. I opened issue 968 to describe the value of the proposed integration. I apologize for touching anything outside of the package but I'm not sure how to avoid the dependency check failing again without the check_dependency_confusion to be amended to account for the integrated package. All that being said - I'm all set and can leverage the good work you have contributed with my implementations, I was just trying to give back a little. If pi-mono introduces supply chain risks, that seems a very legitimate concern. I cannot control that because I have nothing to do with that project. Thanks.

[theScrod]

Also - it seems the README.md still thinks that the pi-mono support is in place -

That was not me adding it back per blame.