fix(job-manifest): mount shared PVC into write-prompt init container

The write-prompt init container runs
`mkdir -p /paperclip/instances/default/run-logs/<companyId>/<agentId>` to
seed the run-logs directory before the main `claude` container starts.
The init container's volumeMounts only included `prompt` (and
`prompt-secret` on the large-prompt path) — the shared `data` PVC
mounted at /paperclip in the main container was missing. So the mkdir tries
to create /paperclip in the busybox overlay rootfs, where uid 1000 cannot
write at /, and the Job fails with:

  mkdir: can't create directory '/paperclip/': Permission denied

before the main container ever runs.

Add { name: 'data', mountPath: '/paperclip' } to both branches' volumeMounts
so the init container writes to the same shared PVC the main container
mounts.

Reproduced + verified against a kubeadm 1.35 cluster on cephfs RWX.
Omar Ramadan
2026-04-29 20:22:17 +00:00
parent 1502039d70
commit 43c2e16fc0
+5 -1
@@ -508,6 +508,7 @@ export function buildJobManifest(input: JobBuildInput): JobBuildResult {
volumeMounts: [
{ name: "prompt", mountPath: "/tmp/prompt" },
{ name: "prompt-secret", mountPath: "/tmp/prompt-secret", readOnly: true },
{ name: "data", mountPath: "/paperclip" },
],
securityContext,
resources: {
@@ -521,7 +522,10 @@ export function buildJobManifest(input: JobBuildInput): JobBuildResult {
imagePullPolicy: "IfNotPresent",
command: ["sh", "-c", `mkdir -p /paperclip/instances/default/run-logs/${agent.companyId}/${agent.id} && printf '%s' "$PROMPT_CONTENT" > /tmp/prompt/prompt.txt`],
env: [{ name: "PROMPT_CONTENT", value: prompt }],
volumeMounts: [{ name: "prompt", mountPath: "/tmp/prompt" }],
volumeMounts: [
{ name: "prompt", mountPath: "/tmp/prompt" },
{ name: "data", mountPath: "/paperclip" },
],
securityContext,
resources: {
requests: { cpu: "10m", memory: "16Mi" },
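Review bot: The `sh -c` string in the second hunk splices `${agent.companyId}` and `${agent.id}` straight into the shell command, and with the `data` PVC now mounted writable in the init container, an id containing shell metacharacters or `..` would act on the shared volume instead of failing in the throwaway rootfs. Whether these ids are constrained upstream is not visible here; if they are not, validate them against an allow-list pattern before building the manifest. It would also be safer to pass them through `env` the way `PROMPT_CONTENT` already is and reference them quoted, e.g. `mkdir -p "/paperclip/instances/default/run-logs/$COMPANY_ID/$AGENT_ID"`. The large-prompt branch in the first hunk gets the same mount, but its `command` lies outside the hunk, so it needs the same check.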