#695 APP-02: Playwright import allows uncontained browser automation

Location: code_loader.py:332. Issue: Playwright can spawn browser processes that bypass multiprocessing isolation, access filesystem, make network requests. Fix: Remove playwright from ALLOWED_IMPORTS or require explicit tenant permission and execute in Docker sandbox.