fix: ACP 模式未读取 settings.local.json

entry.ts 在 ACP 握手期调用的 applySafeConfigEnvironmentVariables 触发了
loadSettingsFromDisk，此时 getOriginalCwd() 还是进程启动 cwd（非项目目录），
导致 localSettings/projectSettings 按错误路径解析为空并被 session cache 锁住，
后续 createSession 里 setOriginalCwd 也无法纠正。在 setOriginalCwd 与 chdir
之后清缓存并重新应用，让 settings.local.json 和项目级 env 对
readSettingsPermissionMode 及下游可见。

Co-Authored-By: glm-5.2 <zai-org@claude-code-best.win>

src/services/acp/agent/createSessionMethod.ts

@@ -26,6 +26,8 @@ import {
 } from '../../../bootstrap/state.js'
 import type { SessionId } from '../../../types/ids.js'
 import { enableConfigs } from '../../../utils/config.js'
+import { applySafeConfigEnvironmentVariables } from '../../../utils/managedEnv.js'
+import { resetSettingsCache } from '../../../utils/settings/settingsCache.js'
 import { FileStateCache } from '../../../utils/fileStateCache.js'
 import { getDefaultAppState } from '../../../state/AppStateStore.js'
 import type { AppState } from '../../../state/AppStateStore.js'
@@ -89,6 +91,16 @@ async function createSession(
     // CWD may not exist yet; best-effort
   }
 
+  // entry.ts calls applySafeConfigEnvironmentVariables() during handshake so the
+  // API client can authenticate before createSession arrives. At that point
+  // getOriginalCwd() is still the spawn cwd (not the project dir), so
+  // loadSettingsFromDisk() resolves localSettings/projectSettings against the
+  // wrong root and caches the empty result. Now that we've set the real project
+  // cwd, drop the cache and re-apply so settings.local.json and project env
+  // become visible to readSettingsPermissionMode() and downstream consumers.
+  resetSettingsCache()
+  applySafeConfigEnvironmentVariables()
+
   try {
     // Build tools with a permissive permission context.
     const permissionContext = getEmptyToolPermissionContext()