fix(pipes): inject explicit sandbox policies to artifacts iframe to mitigate client-side block

plugins/pipes/github-copilot-sdk/github_copilot_sdk.py

@@ -1228,6 +1228,8 @@ class Pipe:
                         # Artifacts mode: standard iframe for the AI to output directly (Infinite height)
                         iframe_html = (
                             f'<iframe src="{view_url}" '
+                            f'sandbox="allow-scripts allow-same-origin allow-popups allow-downloads allow-forms" '
+                            f'allow="fullscreen" '
                             f'style="width:100%; height:100vh; min-height:600px; border:none; border-radius:12px; '
                             f'box-shadow: 0 10px 40px rgba(0,0,0,0.1);"></iframe>'
                         )