feat(mcp-trust-proxy): add tool argument injection scanning (#841)

- Add INJECTION_PATTERNS with 4 tightened regex patterns for prompt
  injection, roleplay jailbreak, system prompt exfiltration, and
  delimiter attacks
- Add _scan_tool_args() with recursive string value traversal
- Integrate scanning into authorize() with fail-closed error handling
- Add warning-level logging on scan failures before denial
- Document thread-safety model for TrustProxy class
- Add 35 tests covering injection detection, false-positive regression,
  nested structures, None/empty values, and fail-closed behavior

Relates to Discussion #814 (MCP security - ASI01/ASI02 defense in depth)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: jackbatzner