Enforce OAuth read-only for cloud commands

[sdairs]

Summary

• OAuth device flow tokens are now treated as read-only. Write commands (create, update, delete, start, stop, scale, etc.) are blocked early in the CLI when using Bearer auth, with a clear error guiding users to API key authentication.
• Every cloud command is explicitly classified as read or write using exhaustive match (no wildcards), so new commands must be classified at compile time.
• 403 responses from the API when using OAuth now include a helpful hint about switching to API key auth (belt and suspenders).
• cloud auth status now shows [read-only] / [read/write] labels.
• Help text, CONTEXT FOR AGENTS sections, and README updated to document the read-only scope.

Closes #98

Changes

File	What
src/cloud/client.rs	is_bearer_auth() method + OAuth hint on 403 errors
src/cloud/cli.rs	is_write_command() with exhaustive matching + updated help text
src/main.rs	Pre-check gate in run_cloud() + [read-only]/[read/write] in auth status
src/cli.rs	Updated top-level and Cloud CONTEXT FOR AGENTS
README.md	Auth docs: OAuth is read-only, API keys required for writes

Test plan

• cargo build — compiles
• cargo test — all 251 tests pass
• cargo clippy — clean
• cargo run -- cloud auth status — verify [read-only] / [read/write] labels
• cargo run -- cloud --help — verify updated agent context
• cargo run -- cloud auth login --help — verify read-only note
• Manual: OAuth login + attempt service create → clear error message
• Manual: API key login + service create → works normally

Follow-ups

• Update agent skills in ClickHouse/agent-skills repo
• Rebase PR add signup command #78 (signup command) on top of this
• Launch blog post and docs updates

🤖 Generated with Claude Code