Validate MCP server command against allowlist

[bug-ops]

Parent: #623

crates/zeph-mcp/src/client.rs:40-51 — MCP server commands from config executed without validation. Validate against allowlist or require explicit user confirmation for unknown commands.