[codex] Add transport-aware path policy

[samuelduchesne]

Summary

Adds transport-aware filesystem policy for local stdio versus network transports:

• keeps direct server-local input paths available for stdio/local users
• requires explicit hosted path configuration for HTTP/SSE startup (IDFKIT_MCP_UPLOAD_DIR, IDFKIT_MCP_OUTPUT_DIRS, IDFKIT_MCP_SIMULATION_DIR)
• disables direct server-local input paths for network transports unless IDFKIT_MCP_INPUT_DIRS is configured
• validates OSM conversion paths, simulation output directories, and persisted session restore paths against the configured policy
• updates docs and tests for the new deployment behavior

Why

The external security review correctly identified that arbitrary server-local file reads/writes are acceptable for local MCP use but risky for hosted or multi-user HTTP deployments. This change makes that distinction explicit in code and docs without blocking the local desktop workflow.

Validation

• uv run ruff check .
• uv run ruff format --check .
• uv run pyright
• uv run pytest
• pre-commit hooks during git commit

[github-actions]

Docs preview for this PR is available at:
https://mcp.idfkit.com/pr-preview/pr-67/

Changed pages:

• https://mcp.idfkit.com/pr-preview/pr-67/getting-started/installation/
• https://mcp.idfkit.com/pr-preview/pr-67/tools/model-read/
• https://mcp.idfkit.com/pr-preview/pr-67/tools/simulation/