Untested edge case: what happens when OAuth token expires while agent is running in container?
Test scenarios: 1. Start agent with token that expires mid-run 2. Verify refresh works or fails gracefully 3. Ensure refreshed token is written back (may need rw mount)