
fix: validate file paths in saveFile to prevent path traversal #971

Closed

AI-Reviewer-QS wants to merge 1 commit into ChromeDevTools:main from AI-Reviewer-QS:fix/savefile-path-validation

Conversation

@AI-Reviewer-QS

Summary

  • saveFile() accepts user-provided filenames and resolves them with path.resolve(), but does not validate the resulting path
  • This allows writing files to arbitrary locations outside the working directory via absolute paths (e.g., /etc/passwd) or ../ sequences
  • Added validation to ensure the resolved path stays within process.cwd() before writing

Reproduction

// These would previously succeed:
await context.saveFile(data, '/tmp/arbitrary-file.txt');
await context.saveFile(data, '../../outside-cwd/file.txt');

// After fix, both throw:
// "File path must be within the current working directory: /path/to/cwd"

Test plan

  • Verify relative paths within CWD still work (e.g., output/file.txt)
  • Verify absolute paths outside CWD are rejected
  • Verify ../ path traversal sequences are rejected
  • Verify screenshot saving (uses saveScreenshot, not affected) still works

The saveFile() method accepts user-provided filenames and resolves them
with path.resolve(), but does not validate the resulting path. This
allows writing files to arbitrary locations via absolute paths or ../
sequences.

Add validation to ensure the resolved file path stays within the current
working directory before writing.

@google-cla

google-cla Bot commented Feb 16, 2026

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@OrKoN
Collaborator

OrKoN commented Feb 16, 2026

Thanks for the PR, but the filePath is explicitly for absolute paths and not for paths within cwd() (as the MCP server cwd could be different from the project cwd). Please file a feature request to describe which scenario you are after. cc @natorion @nroscino

OrKoN closed this Feb 16, 2026