Harden deny.cli wrapper generation

[Copilot]

deny.cli patterns were embedded in generated bash wrappers with insufficient quoting and then evaluated with eval, allowing a malicious BAND.md pattern like foo$(...) * to execute during wrapper parsing.

• Wrapper generation
  • Replaces double-quoted pattern interpolation with single-quoted shell literals.
  • Removes eval from deny checks.
  • Keeps intended bash glob matching for deny patterns.

for P in "${DENY_PATTERNS[@]}"; do
  if [[ "$FULL_CMD" == $P ]]; then
    echo "DENIED: $FULL_CMD" >&2
    exit 126
  fi
done

• Regression coverage
  • Adds unit coverage for command substitution payloads in deny.cli.
  • Verifies generated wrappers preserve metacharacters as data and do not execute them.

[mrjf]

@copilot resolve the merge conflicts in this pull request and fix tests

[Copilot]

@copilot resolve the merge conflicts in this pull request and fix tests

Resolved the merge conflicts and pushed merge commit d36b465. Validation passed: targeted band-server tests, typecheck, full bun run test, secret scan, and CodeQL (0 alerts).

[mrjf]

@copilot resolve the merge conflicts in this pull request

[Copilot]

@copilot resolve the merge conflicts in this pull request

Resolved the merge conflicts and pushed merge commit 871058a. Validation passed: targeted runtime tests, bun run typecheck, bun run build, full bun run test, secret scan, and CodeQL (0 alerts).