Implement egress controls on LLM API endpoints for production server workloads
From CTI Daily Brief — 2026-05-12 · published 2026-05-12
This control catches PROMPTFLUX / HONESTCUE / CANFAIL-class runtime LLM-API abuse and the LLM-API-key theft model the GTIG report attributes to UNC5673 (TEMP.Hex). Concretely: add an SWG / firewall allowlist policy that permits outbound traffic to *.googleapis.com/v1beta/, api.openai.com/v1/ and api.anthropic.com/ only from workloads where LLM access is justified, and deny it on production servers without an explicit override. Reinforce this by treating LLM API keys as Tier-1 secrets: rotate them quarterly at minimum, store them alongside cloud-administrator credentials, and enable provider-side usage alerting on per-key baselines (rate-limit, geographic, ASN, prompt-content category outside business profile).
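The allowlist decision above, written as an added example that evaluates proxy log lines against the three destinations the brief names (this is not code from the brief or from the GTIG report). The workload names, the approved-workload set and the four-field log format are assumptions, and the path-prefix match assumes the SWG inspects TLS and logs full URLs.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Destinations named in the brief: (host pattern, required path prefix).
LLM_ENDPOINTS = [
    ("*.googleapis.com", "/v1beta/"),
    ("api.openai.com", "/v1/"),
    ("api.anthropic.com", "/"),
]

# Assumption: workloads with a documented justification or explicit override.
LLM_APPROVED = {"support-chatbot", "doc-summarizer"}

# Constructed sample log (not real traffic): timestamp, workload, method, URL.
SAMPLE_LOG = """\
2026-05-12T08:01:10Z support-chatbot POST https://api.openai.com/v1/chat/completions
2026-05-12T08:02:44Z prod-db-01 POST https://generativelanguage.googleapis.com/v1beta/models/MODEL:generateContent
2026-05-12T08:03:02Z prod-web-03 POST https://API.ANTHROPIC.COM./v1/messages
2026-05-12T08:03:30Z prod-web-03 GET https://storage.googleapis.com/bucket/object
2026-05-12T08:04:00Z doc-summarizer POST https://api.anthropic.com/v1/messages
"""

def match_llm_endpoint(url):
    """Return the allowlist entry a URL falls under, or None if it is not an LLM API call."""
    parts = urlsplit(url)
    # .hostname is already lowercased; strip a trailing root dot before matching.
    host = (parts.hostname or "").rstrip(".")
    for pattern, prefix in LLM_ENDPOINTS:
        if fnmatchcase(host, pattern) and (parts.path or "/").startswith(prefix):
            return pattern + prefix
    return None

def decide(workload, url):
    """Policy verdict for one request: allow, deny, or out-of-scope."""
    endpoint = match_llm_endpoint(url)
    if endpoint is None:
        return "out-of-scope", None  # left to the rest of the egress policy
    return ("allow" if workload in LLM_APPROVED else "deny"), endpoint

def violations(log_text):
    """Denied LLM API calls: the events worth blocking and alerting on."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines
        ts, workload, _method, url = fields
        verdict, endpoint = decide(workload, url)
        if verdict == "deny":
            hits.append((ts, workload, endpoint))
    return hits
```
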