feat(security): add security configuration and tool validation

Security Configuration:
- config/security.toml with shell_exec, file_read, file_write, web_fetch, browser, and mcp settings
- Command whitelist/blacklist for shell execution
- Path restrictions for file operations
- SSRF protection for web fetch

Tool Security Implementation:
- ShellSecurityConfig with whitelist/blacklist validation
- ShellExecTool with actual command execution
- Timeout and output size limits
- Security checks before command execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
iven
2026-03-24 03:10:32 +08:00
parent 84601776d9
commit e49ba4460b
4 changed files with 334 additions and 9 deletions

@@ -52,6 +52,9 @@ pub enum ZclawError {
#[error("MCP error: {0}")]
McpError(String),
#[error("Security error: {0}")]
SecurityError(String),
}
/// Result type alias for ZCLAW operations
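Review bot: The new `SecurityError(String)` variant at the end of `ZclawError` carries only a free-form message, so a caller cannot tell a blacklisted shell command from a path restriction or an SSRF block (the checks the commit message lists) without matching on the text. Consider a typed payload, for example a small kind enum next to the message or one variant per check, and add a doc comment stating which layer raises it. Because `{0}` is interpolated into the display string `"Security error: {0}"`, it is also worth deciding whether the rejected command, path or URL should appear in that message when it is logged or returned to the caller.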