llm: populate LLMSetupNote for Gemini and warn on --tls-skip-verify no-op

[yrobla]

Context

Follow-up from #5142 (Correct Gemini CLI LLM gateway config to proxy mode), raised in code review.

Problems

1. LLMSetupNote is plumbed but never populated

LLMSetupNote was added with full plumbing (struct field, getter, GatewayManager interface method, adapter, stub, output formatting in configureDetectedTools) but is never set on any client. This adds abstraction without a concrete use case yet.

Resolution options (pick one):

• Populate it for the Gemini client to surface the gemini-cli >= v0.40.0 requirement (see PR Correct Gemini CLI LLM gateway config to proxy mode #5142 for the upstream fix reference).
• Drop the plumbing entirely and reintroduce it when there is an actual note to write.

2. --tls-skip-verify is silently a no-op for Gemini CLI

When thv llm setup --tls-skip-verify is run against a Gemini target, the flag is accepted but has no effect. The reasoning is sound — setting NODE_TLS_REJECT_UNAUTHORIZED=0 is process-global and would weaken every other HTTPS call the Gemini process makes, so omitting it is the right call. However, the user gets no feedback that the flag was ignored.

Resolution: Either print a warning when --tls-skip-verify is set for a Gemini target, or surface a note via LLMSetupNote (which ties back to item 1 above as a concrete use case).

Suggested approach

Populate LLMSetupNote on the Gemini client with a message such as:

--tls-skip-verify is not supported for Gemini CLI (setting NODE_TLS_REJECT_UNAUTHORIZED would affect all HTTPS connections in the process). Ensure your proxy certificate is trusted by the system store instead.

This resolves both items in one change and gives LLMSetupNote its first real use.

References

• PR: Correct Gemini CLI LLM gateway config to proxy mode #5142
• Upstream gemini-cli fix: v0.40.0 / PR #25357