#738 Shell security check incorrectly rejects commands in K8s pods

When workers run inside K8s pods (not using Docker-in-Docker sandbox), shell commands with && or || are rejected with 'Shell command security violation'. The security bypass logic only checked for Docker sandbox or exempt tenants, not for already-isolated containers. Fixed by adding is_already_isolated check for 'already inside docker container' sandbox_reason.