fix(agent): always emit passthrough egress route for api.anthropic.com

Mirrors the Codex pattern: Claude always gets a tls_passthrough route
for api.anthropic.com so user-set tokens aren't stripped by pipelock,
whether or not auth_token is declared. Auth injection (scheme + token_ref)
and the placeholder env only apply when auth_token is set.

Assisted-by: Claude Code

bot_bottle/agent_provider.py

@@ -193,17 +193,18 @@ def agent_provision_plan(
                 "codex host credentials: dummy auth was copied into the "
                 "guest, but Codex did not accept it"
             )))
-    if template == PROVIDER_CLAUDE and auth_token:
+    if template == PROVIDER_CLAUDE:
         egress_routes.append(EgressRoute(
             host="api.anthropic.com",
-            auth_scheme="Bearer",
+            auth_scheme="Bearer" if auth_token else "",
             token_ref=auth_token,
             tls_passthrough=True,
         ))
-        env_vars["CLAUDE_CODE_OAUTH_TOKEN"] = "egress-placeholder"
-        env_vars["CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC"] = "1"
-        env_vars["DISABLE_ERROR_REPORTING"] = "1"
-        hidden_env_names = frozenset({"CLAUDE_CODE_OAUTH_TOKEN"})
+        if auth_token:
+            env_vars["CLAUDE_CODE_OAUTH_TOKEN"] = "egress-placeholder"
+            env_vars["CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC"] = "1"
+            env_vars["DISABLE_ERROR_REPORTING"] = "1"
+            hidden_env_names = frozenset({"CLAUDE_CODE_OAUTH_TOKEN"})
 
     return AgentProvisionPlan(
         template=template,