Ability to disable certain add-ons (e.g., cmd command) in the WebSocket for security

[thib-d]

Description:
It would be useful to have a configuration option in Selkie to disable specific add-ons or commands that are sent via the WebSocket, such as the cmd command in the input_handler.py.

This feature could improve security by preventing unauthorized execution of commands or limiting the available functionality in environments where full shell access is not needed.

Example use case:
• Disable cmd command to prevent users to execute code.
• Restrict only to allowed tools or applications via configuration.

Proposed solution:
• Add a configuration file or environment variable allowing admins to specify a list of disabled add-ons or commands.
• Ensure the WebSocket handler ignores or blocks

[thib-d]

In addition, any website (if we use firefox) can connect to the local websocket and inject commands