feat(ipuaro): add PathValidator security utility (v0.13.0)

Add centralized path validation to prevent path traversal attacks.

- PathValidator class with sync/async validation methods
- Protects against '..' and '~' traversal patterns
- Validates paths are within project root
- Refactored all 7 file tools to use PathValidator
- 51 new tests for PathValidator

packages/ipuaro/tests/unit/infrastructure/tools/edit/CreateFileTool.test.ts

@@ -224,7 +224,7 @@ describe("CreateFileTool", () => {
             const result = await tool.execute({ path: "../outside/file.ts", content: "test" }, ctx)
 
             expect(result.success).toBe(false)
-            expect(result.error).toBe("Path must be within project root")
+            expect(result.error).toBe("Path contains traversal patterns")
         })
 
         it("should return error if file already exists", async () => {

packages/ipuaro/tests/unit/infrastructure/tools/edit/DeleteFileTool.test.ts

@@ -189,7 +189,7 @@ describe("DeleteFileTool", () => {
             const result = await tool.execute({ path: "../outside/file.ts" }, ctx)
 
             expect(result.success).toBe(false)
-            expect(result.error).toBe("Path must be within project root")
+            expect(result.error).toBe("Path contains traversal patterns")
         })
 
         it("should return error if file does not exist", async () => {

packages/ipuaro/tests/unit/infrastructure/tools/edit/EditLinesTool.test.ts

@@ -296,7 +296,7 @@ describe("EditLinesTool", () => {
             )
 
             expect(result.success).toBe(false)
-            expect(result.error).toBe("Path must be within project root")
+            expect(result.error).toBe("Path contains traversal patterns")
         })
 
         it("should return error when start exceeds file length", async () => {