fix(browser): redact typed values from automatic Browser2 snapshots

[shaun0927]

Summary

This is a narrow follow-up to #508.

The Browser2 page-inspection helpers were using live text-entry values as automatic labels and verification payloads. That means unlabeled inputs could expose typed content directly in page-read / verification output, including password values.

This patch keeps selectors and non-secret metadata intact while redacting text-entry controls from automatic labels and verification values.

Related issues

• Fixes Browser2 page inspection exposes live input values, including password fields #508

Changes

• apps/x/apps/main/src/browser/page-scripts.ts
  • add isTextEntryElement() to distinguish controls whose live values should not be used as labels
  • add shouldRedactVerificationValue() to suppress verification values for text-entry controls
  • stop using .value as the fallback label for text-entry controls
  • keep non-secret metadata (selector, role, placeholder, disabled, etc.) available for automation flows

Why this scope

I kept the fix intentionally narrow: it only removes automatic exposure of typed values while preserving stable selectors and other non-secret state that Browser2 still needs.

Testing

1. cd apps/x && pnpm install && pnpm run deps
2. cd apps/main && npm run build
3. Re-ran the local fixture validation after the patch:

ROWBOAT_REDACTION_RECHECK {"labels":[{"id":"email","type":"email","label":null,"rawValue":"alice@example.com"},{"id":"pwd","type":"password","label":null,"rawValue":"super-secret-password"},{"id":"notes","type":"textarea","label":null,"rawValue":"confidential draft"}],"passwordVerification":{"selector":"#pwd","descriptor":"input","text":null,"checked":null,"value":null,"selectedIndex":null,"open":null,"disabled":false,"active":false,"ariaChecked":null,"ariaPressed":null,"ariaExpanded":null}}