Harden MCP config loading and action-state retries

[pmbstyle]

Summary

• Prevent final visible replies that claim in-progress work without any tool call or runtime state change.
• Load MCP configs from compatibility paths, including .mcp.json and root mcp.json, and accept mcpServers format.
• Treat a leading workspace/ prefix as redundant when filesystem tools already operate at the workspace root.

Root Cause

The action-state verifier depended on a model classifier and missed short present-tense action claims like "Installing..."/"Устанавливаю...", so the turn could finalize while no work had started. Separately, MCP config loading only understood Octopal's canonical shapes and paths, while common MCP client config uses .mcp.json with mcpServers.

Validation

• uv run pytest tests/test_router_tool_budget.py::test_action_state_retry_catches_present_tense_action_commitment_without_verifier tests/test_router_tool_budget.py::test_route_retries_unbacked_action_commitment_with_tools -q
• uv run pytest tests/test_mcp_manager.py::test_mcp_manager_reads_claude_style_mcp_servers_config tests/test_mcp_manager.py::test_mcp_manager_skips_empty_compat_config_and_reads_canonical tests/test_mcp_manager.py::test_mcp_manager_reads_legacy_workspace_mcp_config -q
• uv run pytest tests/test_filesystem_hardening.py::test_fs_write_treats_leading_workspace_as_redundant_at_workspace_root tests/test_filesystem_hardening.py::test_fs_write_rejects_path_traversal -q
• uv run ruff check src/octopal/runtime/octo/router.py src/octopal/infrastructure/mcp/manager.py src/octopal/tools/filesystem/path_safety.py src/octopal/tools/catalog.py tests/test_router_tool_budget.py tests/test_mcp_manager.py tests/test_filesystem_hardening.py