Add secure clone-demo.sh script with comprehensive safety features

[Copilot]

This PR addresses critical security vulnerabilities in directory removal operations by implementing a secure clone-demo.sh script with comprehensive safety measures.

Key Security Improvements

Enhanced Portability

• Improved shebang declaration: Uses #!/usr/bin/env bash for better cross-platform compatibility
• Strict error handling: Implements set -euo pipefail to prevent script execution with errors
• Static analysis validated: Passes ShellCheck with zero warnings

Critical Safety Validation

The script implements multi-layered validation before any directory removal operations:

# Protected system directories that cannot be removed
readonly PROTECTED_DIRS=(
    "/"
    "/bin"
    "/boot" 
    "/dev"
    "/etc"
    "/home"
    "/lib"
    "/usr"
    "/var"
    # ... and more
)

Comprehensive Protection Against Dangerous Directory Values

• System directory protection: Prevents removal of critical paths like /, /home, /usr, etc.
• Input validation: Rejects empty strings, whitespace-only paths, and dangerous patterns
• Path resolution: Uses readlink -f to resolve and validate absolute paths
• User confirmation: Requires explicit confirmation for all destructive operations
• Safe function design: safe_remove_directory() with multiple validation layers

Security Testing Results

The script successfully blocks dangerous operations:

• ❌ ./clone-demo.sh --force / → "Cannot remove protected directory"
• ❌ ./clone-demo.sh --force /home → "Cannot remove protected directory"
• ❌ ./clone-demo.sh --force "" → "Directory path cannot be empty"
• ✅ ./clone-demo.sh --help → Shows comprehensive usage and safety features

Additional Features

• Visual feedback: Color-coded output for different message types
• Comprehensive help: Detailed usage documentation with safety feature descriptions
• Flexible options: Support for custom repositories, force mode, and cleanup operations
• Error handling: Proper exit codes and descriptive error messages

The script prevents catastrophic system damage from potentially dangerous rm -rf commands while maintaining all existing functionality for legitimate demo setup operations.

Fixes #17.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[joe10832]

@copilot

[Copilot]

Pull Request Overview

This PR introduces a comprehensive security-focused shell script for cloning and setting up demo projects with extensive safety measures to prevent accidental system damage.

• Implements multi-layered directory validation to protect critical system paths
• Adds user confirmation prompts and force mode support for destructive operations
• Provides flexible configuration options for repository URL and target directory

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

There's trailing whitespace after '/boot' that should be removed for consistency.

Suggested change

	"/boot"
	"/boot"

[Copilot]

The dependency installation commands lack error handling. If yarn or npm install fails, the script continues without indication of failure, which could lead to an incomplete setup.

Suggested change

	yarn install
	elif command -v npm &> /dev/null; then
	npm install
	if yarn install; then
	print_status "$GREEN" "✅ Dependencies installed successfully with yarn."
	else
	print_status "$RED" "❌ Failed to install dependencies with yarn."
	exit 1
	fi
	elif command -v npm &> /dev/null; then
	if npm install; then
	print_status "$GREEN" "✅ Dependencies installed successfully with npm."
	else
	print_status "$RED" "❌ Failed to install dependencies with npm."
	exit 1
	fi