fix(#96): better workspace path marker + system-prompt hint to break echo loop

yangzailai reported model loop: asks "我的项目路径", model answers `{"path":"…"}`, user keeps asking, model loops "项目路径是 …，让我查看其中的文件…路径是 ……路径是 …".

Root cause: REDACTED_PATH = '…' (Unicode ellipsis) chosen for shell-safety (no `cd …` loop) but the model NOW echoes it in conversational prose as the literal answer to "where is my path?". This is the 6th failure mode in the marker history (the prior 5 were shell-execution loops).

Fix (two parts, both ship together):

1. Marker: '…' → '<workspace>'
   - User reads `<workspace>` and understands "the LLM doesn't know my real path"
   - Still survives JSON/SSE/shell quoting (no metacharacters)
   - Model still won't `cd <workspace>` — angle brackets read as placeholder syntax to LLMs

2. System-prompt hint added to all 5 preamble builders:
   "Your sandbox workspace path is hidden from the user. If asked for the project path or working directory, tell them you can't see their real absolute path; use relative paths or paths returned by tool calls."

   Breaks the echo loop — model knows NOT to answer with the marker.

Updated marker-history comment block in sanitize.js to document this 6th failure mode and why <workspace> is the new minimum.