fix: reject spoofed grpc runtime sender types#7874

Draft
maxpetrusenkoagent wants to merge 1 commit into microsoft:main from maxpetrusenkoagent:hermes/oss-pr-2026-06-21-autogen-7372

@maxpetrusenkoagent

Why are these changes needed?

Fixes a spoofing gap in the distributed gRPC runtime host: a worker could send an RPC request or publish a CloudEvent while claiming another worker's registered agent type as the sender. Target agents receive that value as ctx.sender, so the host should not forward explicit sender identity claims unless the sending client owns that agent type.

This is a narrow first step for #7372's cryptographic governance discussion. It does not add a full passport/delegation protocol, but it hardens the existing runtime invariant that the gateway/host should not relay forged agent identity metadata.

What changed

  • Validate RPC source.type against the gRPC client that registered that agent type.
  • Validate CloudEvent sender type attributes before fan-out.
  • Return an RPC error response for rejected spoofed RPC requests so callers do not hang.
  • Stop emitting synthetic ("unknown", "unknown") sender attributes for new anonymous publishes.
  • Preserve rolling-upgrade compatibility for legacy anonymous publishes that still carry ("unknown", "unknown").
  • Add regression tests for registered spoofing, unregistered spoofing, anonymous publish, and legacy anonymous publish behavior.

Related issue number

Refs #7372

Checks

Test plan

  • python -m pytest packages/autogen-ext/tests/test_worker_runtime.py -q -> 7 passed, 16 skipped
  • poe --directory ./packages/autogen-ext format -> 198 files left unchanged
  • poe --directory ./packages/autogen-ext lint -> All checks passed!
  • pyright packages/autogen-ext/src/autogen_ext/runtimes/grpc/_worker_runtime_host_servicer.py packages/autogen-ext/src/autogen_ext/runtimes/grpc/_worker_runtime.py packages/autogen-ext/tests/test_worker_runtime.py -> 0 errors, 0 warnings
  • mypy packages/autogen-ext/src/autogen_ext/runtimes/grpc/_worker_runtime_host_servicer.py packages/autogen-ext/src/autogen_ext/runtimes/grpc/_worker_runtime.py packages/autogen-ext/tests/test_worker_runtime.py -> Success: no issues found in 3 source files

Full poe --directory ./packages/autogen-ext pyright was also attempted, but this checkout is missing optional extras used by unrelated extension modules (cv2, ffmpeg, whisper, chromadb, semantic_kernel, graphrag), so the package-wide command reports pre-existing missing-import errors outside this diff.

Second-agent review

Preferred reviewer claude -p was available but failed auth with 401, so I used the required fallback reviewer: hermes chat -Q on /tmp/oss-pr-second-agent-review.diff.

Result: CLEAN

Reviewer notes: no blocking correctness, regression, security, duplicate/superseded-work, or maintainer-fit issues found. Earlier blocking review findings about unregistered senders, RPC hangs, and legacy anonymous publishes were fixed before this PR was opened.

Signed-off-by: maxpetrusenkoagent <max.petrusenko.agent@gmail.com>
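
The ownership rule described in this PR, sketched as an added example; it is not code from the PR or from AutoGen. `SenderPolicy`, `Verdict`, the client ids and the dict-shaped responses are hypothetical, and treating the legacy `("unknown", "unknown")` pair as anonymous and forwarding anonymous requests with no sender are assumptions.

```python
from enum import Enum
from typing import Dict, Optional, Tuple

# Legacy anonymous marker quoted in the PR description.
LEGACY_ANONYMOUS = ("unknown", "unknown")
Sender = Optional[Tuple[str, str]]  # (agent type, agent key), or None when anonymous


class Verdict(Enum):
    OWNED = "owned"
    ANONYMOUS = "anonymous"
    SPOOFED = "spoofed"


class SenderPolicy:
    """Hypothetical host-side table mapping agent type -> registering client id."""

    def __init__(self) -> None:
        self._owner: Dict[str, str] = {}

    def register(self, client_id: str, agent_type: str) -> None:
        # Assumption: the first client to register a type owns it.
        self._owner.setdefault(agent_type, client_id)

    def check(self, client_id: str, sender: Sender) -> Verdict:
        if sender is None or sender == LEGACY_ANONYMOUS:
            return Verdict.ANONYMOUS  # no identity claim to validate
        # An unregistered type has no owner, so .get() returns None and the
        # claim is rejected just like a claim on another client's type.
        if self._owner.get(sender[0]) != client_id:
            return Verdict.SPOOFED
        return Verdict.OWNED

    def handle_rpc(self, client_id: str, request_id: str, sender: Sender) -> dict:
        verdict = self.check(client_id, sender)
        if verdict is Verdict.SPOOFED:
            # Answer immediately with an error so the caller does not hang.
            return {"request_id": request_id, "error": "sender type not owned by client"}
        # Assumption: anonymous requests are forwarded with no sender at all.
        forwarded = sender if verdict is Verdict.OWNED else None
        return {"request_id": request_id, "forward_sender": forwarded}


def demo() -> list:
    policy = SenderPolicy()
    policy.register("client-a", "planner")  # constructed sample registrations
    policy.register("client-b", "billing")
    claims = [("client-a", ("planner", "k1")), ("client-a", ("billing", "k1")),
              ("client-a", ("ghost", "k1")), ("client-a", None),
              ("client-a", LEGACY_ANONYMOUS)]
    return [policy.check(c, s).value for c, s in claims]
```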