feat: enhanced structural validation for validate command #209

Open
bryan-anthropic wants to merge 1 commit into main from feat/enhanced-validate

@bryan-anthropic
Collaborator

Summary

  • Adds three pre-pack structural validators to mcpb validate that catch common runtime failures early:
    • Entry point: verifies file exists, extension matches server type, binary has executable bit
    • Command variables: scans mcp_config for unrecognized ${...} patterns (e.g. ${BUNDLE_ROOT} which silently fails at runtime)
    • Sensitive files: warns about credentials.json, *.pem, *.key, .ssh/ etc. that would be bundled
  • Errors fail validation; warnings print but pass
  • validateManifest() accepts optional { projectDir } to support external manifest paths

Closes #57

Test plan

  • yarn build — clean
  • yarn lint — clean
  • yarn test — 229 pass (218 existing + 11 new)
  • E2E: validate catches ${BUNDLE_ROOT} → fix to ${__dirname} → pack → MCP initialize succeeds
  • E2E: missing entry_point → exits 1; binary not executable → exits 1
  • E2E: credentials.json in subdir → warning (exits 0)

🤖 Generated with Claude Code

Add three pre-pack validators to catch common runtime failures early:

- validateEntryPoint: checks file exists, extension matches server type,
  binary has executable bit (Unix)
- validateCommandVariables: scans mcp_config for unrecognized ${...}
  variables against the runtime allowlist
- validateSensitiveFiles: warns about credentials.json, *.pem, *.key,
  .ssh/, etc. that would be bundled

validateManifest() now accepts optional { projectDir } to separate the
manifest directory from the source file directory.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
@tobinsouth
Collaborator

@claude can you review this

Collaborator Author

@bryan-anthropic bryan-anthropic left a comment

Review by Claude Code

Looks good — three practical pre-pack validators that catch real issues early (missing entry points, invalid variables, sensitive file leaks).

A few observations:

  1. Clean API design — the ValidationResult interface and the manifestDir vs projectDir separation are well thought out. Pack passing projectDir to handle external manifests is a nice touch.

  2. Sensitive files as warnings-only — correct call. A .pem could be a legitimate TLS cert; erroring would be too opinionated.

  3. Test coverage — 11 new integration tests covering all three validators, plus existing fixtures updated for entry_point checks. Solid.

Minor nit: the silent catch {} in validateSensitiveFiles could mask unexpected errors from getAllFilesWithCount, but the comment explains the rationale (pack will fail with a clearer error downstream). Fine as-is.
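
The command-variable scan and the sensitive-file warning described in the summary, sketched as an added example in plain JavaScript; this is not code from the PR or from mcpb. The function names, every allowlist entry other than `${__dirname}`, and the file patterns are assumptions, and the sample input is constructed.

```javascript
// Added example: names, allowlist and patterns are assumptions, not mcpb's own code.
// Assumed runtime allowlist; only ${__dirname} is confirmed by the PR text.
const ALLOWED_VARIABLES = new Set(["__dirname", "HOME"]);
const ALLOWED_PREFIXES = ["user_config."];

// Assumed patterns, derived from the names listed in the PR summary.
const SENSITIVE_PATTERNS = [/(^|\/)credentials\.json$/, /\.pem$/, /\.key$/, /(^|\/)\.ssh\//];

// Walk every string in mcp_config (command, args, env values) and collect ${...} names.
function collectVariables(node, path, out) {
  if (typeof node === "string") {
    for (const m of node.matchAll(/\$\{([^}]*)\}/g)) out.push({ path, name: m[1] });
  } else if (Array.isArray(node)) {
    node.forEach((item, i) => collectVariables(item, `${path}[${i}]`, out));
  } else if (node !== null && typeof node === "object") {
    for (const [k, v] of Object.entries(node)) collectVariables(v, `${path}.${k}`, out);
  }
}

function validateBundle(mcpConfig, bundledFiles) {
  const errors = [];
  const warnings = [];
  const found = [];
  collectVariables(mcpConfig, "mcp_config", found);
  for (const { path, name } of found) {
    const ok = ALLOWED_VARIABLES.has(name) ||
      ALLOWED_PREFIXES.some((p) => name.startsWith(p) && name.length > p.length);
    if (!ok) errors.push(`${path}: unrecognized variable \${${name}}`);
  }
  for (const file of bundledFiles) {
    const normalized = file.replace(/\\/g, "/"); // tolerate Windows separators
    if (SENSITIVE_PATTERNS.some((re) => re.test(normalized))) {
      warnings.push(`sensitive file would be bundled: ${file}`);
    }
  }
  // Errors fail validation; warnings are reported but do not change the result.
  return { valid: errors.length === 0, errors, warnings };
}

// Constructed sample input.
const sampleConfig = {
  command: "node",
  args: ["${BUNDLE_ROOT}/server/index.js", "--data=${__dirname}/data"],
  env: { API_KEY: "${user_config.api_key}" },
};
const sampleFiles = ["server/index.js", "config/credentials.json", "certs/tls.pem"];
const result = validateBundle(sampleConfig, sampleFiles);
console.log(result);
```
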

Development

Successfully merging this pull request may close these issues.

Provide a Validation/Debug Tool for Verifying DXT File
