subprocess.run was already patched with CREATE_NO_WINDOW, but Popen and os.startfile were unprotected. Agent code could open visible GUI windows via subprocess.Popen(['notepad.exe']) or os.startfile().
- simphtml: rewrite visibility inheritance (area-based maxC), add isVisible to childrenInfo, fix className SVG compat (getAttribute), expand isDialog detection, hoist deep fixed dialogs, clear SVG attrs, fix warning message concat - ga: return error messages instead of None for code_run/web_execute_js failures - stapp: disable unsafe_allow_html - code_run_header: add excepthook hint for ImportError/AttributeError - mykey_template: remove stale prompt_cache comment
