define and enforce max threshold for agentd boot sequence in CI

[toksdotdev]

we need to be very mindful the agentd boot sequence, and continue to keep it as minimal as possible. it's very tempting to keep adding things there. one of the selling points of microsandbox is how quick we are to spin up. we shouldn't trade that for just any features (unless we badly need to).

the first step to that is to already start recording the  vm enter -> boot ⁠ time, and ⁠ boot -> init ⁠ time as part of the CI process, and enforcing a specific PR can't merged there's a significant jump, or it exceeds that max threshold.