feat(M39): IIS WinRM proxy agent mode + front-to-back wiring

Complete the IIS target connector with dual-mode deployment:
- WinRM proxy agent mode via masterzen/winrm for remote Windows servers
- Base64 PFX transfer with try/finally cleanup on remote host
- GUI wizard updated with 13 IIS config fields including WinRM settings
- TargetDetailPage sensitive field redaction (password/secret/token/key)
- OpenAPI TargetType enum updated (added Traefik, Caddy)
- connectors.md fully documented with WinRM proxy config example
- 38 total IIS tests (10 new WinRM tests), all passing with race detection

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

web/src/pages/TargetDetailPage.tsx

@@ -164,11 +164,16 @@ export default function TargetDetailPage() {
             <h3 className="text-sm font-semibold text-ink-muted mb-4">Configuration</h3>
             {target.config && Object.keys(target.config).length > 0 ? (
               <div className="space-y-0">
-                {Object.entries(target.config).map(([key, val]) => (
-                  <InfoRow key={key} label={key.replace(/_/g, ' ')} value={
-                    <span className="font-mono text-xs truncate max-w-xs inline-block">{String(val)}</span>
-                  } />
-                ))}
+                {Object.entries(target.config).map(([key, val]) => {
+                  const sensitiveKeys = ['password', 'secret', 'token', 'key', 'winrm_password'];
+                  const isSensitive = sensitiveKeys.some(s => key.toLowerCase().includes(s));
+                  const displayVal = isSensitive && val ? '********' : String(val);
+                  return (
+                    <InfoRow key={key} label={key.replace(/_/g, ' ')} value={
+                      <span className="font-mono text-xs truncate max-w-xs inline-block">{displayVal}</span>
+                    } />
+                  );
+                })}
               </div>
             ) : (
               <div className="text-sm text-ink-faint py-4 text-center">No configuration data</div>